CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1298 matches found

OSV•added 2025/12/17 5:15 p.m.•1 views

CVE-2025-67285

A SQL injection vulnerability was found in the '/cts/admin/?page=zone' file of ITSourcecode COVID Tracking System Using QR-Code v1.0. The reason for this issue is that attackers inject malicious code from the parameter 'id' and use it directly in SQL queries without the need for appropriate...

7.3CVSS5.8AI score

Exploits0References1

Snyk•added 2025/11/01 6:33 a.m.•1 views

SQL Injection

Overview fosslight-binary is a FOSSLight Binary Scanner Affected versions of this package are vulnerable to SQL Injection due to unsanitized string formatting of filename-, hecksum-, and TLSH-derived values into SQL queries. An attacker can view, modify, or delete data in the underlying database,...

8.3CVSS8.1AI score

Exploits0References3

Hacker One•added 2025/10/29 4:0 a.m.•9 views

Revive Adserver: Information Disclosure via Verbose Error Messages

Version: ==revive-adserver 6.0.0== Summary: Revive Adserver v6.0.0 exposes sensitive technical details through verbose error messages, revealing the exact MySQL/MariaDB version, SQL queries, and PHP environment details. Attackers can use this information to identify known vulnerabilities or craft...

4.3CVSS7.4AI score0.00024EPSS

Exploits1

CNVD•added 2025/10/21 12:0 a.m.•1 views

WordPress External Login plugin Information Disclosure Vulnerability

The WordPress External Login plugin is mainly used to integrate WordPress login functionality with an external database system, allowing users to log in to the site directly through an external account. An information disclosure vulnerability exists in the WordPress External Login plugin, which...

4.3CVSS6.7AI score0.00047EPSS

Exploits0References1