CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

216160 matches found

EUVD•added 2026/05/25 2:15 p.m.•9 views

EUVD-2018-21892

mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality. Attackers can inject SQL code using boolean-based blind, time-based blind, or stacked query...

8.8CVSS5.9AI score0.00348EPSS

Exploits0References4

Cvelist•added 2026/05/25 2:15 p.m.•22 views

CVE-2018-25364 Twitter-Clone 1 SQL Injection via search.php

Twitter-Clone 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the name parameter. Attackers can submit crafted payloads to the search.php endpoint to extract database information including username...

8.8CVSS0.00337EPSS

Exploits0References3

Cvelist•added 2026/05/25 2:15 p.m.•20 views

CVE-2018-25362 Twitter-Clone 1 SQL Injection via follow.php

Twitter-Clone 1 contains a SQL injection vulnerability in follow.php that allows attackers to manipulate database queries by injecting SQL code through the userid parameter. Attackers can submit union-based or time-based blind SQL injection payloads to extract sensitive database information...

8.8CVSS0.00309EPSS

Exploits0References3

ATTACKERKB•added 2026/05/25 2:15 p.m.•8 views

CVE-2018-25362

8.8CVSS5.9AI score0.00309EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2026/05/25 2:15 p.m.•6 views

CVE-2018-25362 Twitter-Clone 1 SQL Injection via follow.php

8.8CVSS5.9AI score0.00309EPSS

Exploits0References3

NVD•added 2026/05/25 11:16 a.m.•9 views

CVE-2026-9451

A weakness has been identified in code-projects Employee Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /process/applyleaveprocess.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has...

6.5CVSS0.00246EPSS

Exploits0References5

NVD•added 2026/05/25 11:16 a.m.•17 views

CVE-2026-9447

A vulnerability was found in SourceCodester Simple POS and Inventory System 1.0. The impacted element is an unknown function of the file /user/search.php. Performing a manipulation of the argument Name results in sql injection. The attack is possible to be carried out remotely. The exploit has be...

7.5CVSS0.00319EPSS

Exploits0References5

NVD•added 2026/05/25 11:16 a.m.•10 views

CVE-2026-9450

A security flaw has been discovered in code-projects Employee Management System 1.0. Affected is an unknown function of the file /psubmit.php. The manipulation of the argument pid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the public a...

6.5CVSS0.00246EPSS

Exploits0References5

ATTACKERKB•added 2026/05/25 10:45 a.m.•7 views

CVE-2026-9451

6.5CVSS6.5AI score0.00246EPSS

Exploits0References5Affected Software1

Cvelist•added 2026/05/25 10:45 a.m.•36 views

CVE-2026-9451 code-projects Employee Management System applyleaveprocess.php sql injection

6.5CVSS0.00246EPSS

Exploits0References5

Vulnrichment•added 2026/05/25 10:45 a.m.•6 views

CVE-2026-9451 code-projects Employee Management System applyleaveprocess.php sql injection

6.5CVSS6.5AI score0.00246EPSS

Exploits0References5

CVE•added 2026/05/25 10:45 a.m.•15 views

CVE-2026-9451

Summary (CVE-2026-9451): Code-Projects Employee Management System 1.0 contains a vulnerability in the /process/applyleaveprocess.php handling of the ID parameter, enabling SQL injection. The issue is remote and has PoC exploitation notes in the entry. The CVSS-derived metrics indicate a medium se...

6.5CVSS6.5AI score0.00246EPSS

Exploits0References5

Cvelist•added 2026/05/25 10:30 a.m.•33 views

CVE-2026-9450 code-projects Employee Management System psubmit.php sql injection

6.5CVSS0.00246EPSS

Exploits0References5

ATTACKERKB•added 2026/05/25 10:30 a.m.•7 views

CVE-2026-9450

6.5CVSS6.5AI score0.00246EPSS

Exploits0References5Affected Software1

EUVD•added 2026/05/25 10:30 a.m.•8 views

EUVD-2026-31667

6.5CVSS6.5AI score0.00246EPSS

Exploits0References5

NVD•added 2026/05/25 10:16 a.m.•6 views

CVE-2026-9444

A vulnerability was detected in SourceCodester Simple POS and Inventory System 1.0. This issue affects the function delete of the file /admin/deleteproduct.php of the component GET Parameter Handler. The manipulation of the argument ID results in sql injection. The attack may be launched remotely...

5.8CVSS0.00318EPSS

Exploits0References5

NVD•added 2026/05/25 10:16 a.m.•10 views

CVE-2026-9446

A vulnerability has been found in SourceCodester Simple POS and Inventory System 1.0. The affected element is an unknown function of the file /admin/editcustomer.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed t...

5.8CVSS0.00318EPSS

Exploits0References5

Cvelist•added 2026/05/25 10:15 a.m.•33 views

CVE-2026-9449 code-projects Employee Management System changepassemp.php sql injection

A vulnerability was identified in code-projects Employee Management System 1.0. This impacts an unknown function of the file /changepassemp.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used...

6.5CVSS0.00246EPSS

Exploits0References5

EUVD•added 2026/05/25 10:15 a.m.•7 views

EUVD-2026-31665

6.5CVSS6.4AI score0.00246EPSS

Exploits0References5

ATTACKERKB•added 2026/05/25 9:45 a.m.•9 views

CVE-2026-9447

7.5CVSS6.9AI score0.00319EPSS

Exploits0References5Affected Software1

Rows per page