CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-51235

Malicious code in bioql PyPI...

9.8CVSS7.5AI score0.00181EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2021-28690

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00905EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 11:2 p.m.•5 views

CVE-2022-33880

hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter...

9.8CVSS8AI score0.00245EPSS

Exploits1References1

OSV•added 2024/12/27 2:15 a.m.•1 views

CVE-2024-12976

A vulnerability, which was classified as critical, has been found in CodeZips Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /staff.php. The manipulation of the argument tel leads to sql injection. The attack may be launched remotely. The exploit...

9.8CVSS5.7AI score

Exploits0References4

CVE•added 2024/12/27 1:0 a.m.•50 views

CVE-2024-12976

CVE-2024-12976 affects CodeZips Hospital Management System 1.0. Affected component: /staff.php where manipulation of the tel parameter enables SQL injection. The vulnerability is exploitable remotely and the exploit has been disclosed publicly. Several sources rate the issue as critical, with CVS...

9.8CVSS7.4AI score0.00181EPSS

Exploits1References4Affected Software1

Cvelist•added 2024/12/27 1:0 a.m.•15 views

CVE-2024-12976 CodeZips Hospital Management System staff.php sql injection

7.5CVSS0.00181EPSS

Exploits1References4

Packet Storm•added 2023/02/17 12:0 a.m.•275 views

Demanzo Matrimony 1.5 Cross Site Request Forgery

==================================================================================================================================== | Title : Demanzo Matrimony v.1.5 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 109.0.132-bit | |...

0.5AI score

Exploits0

Prion•added 2022/09/29 7:15 p.m.•14 views

Sql injection

hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter...

7.5CVSS9.8AI score0.00245EPSS

Exploits1References1Affected Software1

CVE•added 2022/09/29 6:43 p.m.•55 views

CVE-2022-33880

Projectworlds Hospital Management System Mini-Project contains an SQL injection in hms-staff.php via the type parameter, affecting versions prior to 2018-06-17. The root cause is unsafely constructed SQL in that file, enabling data disclosure or unauthorized access as described in related advisor...

9.8CVSS9.8AI score0.00245EPSS

Exploits1References1Affected Software1

CNVD•added 2021/12/24 12:0 a.m.•16 views

Projectworlds Hospital Management System SQL Injection Vulnerability

Projectworlds Hospital Management System is a hospital management system from Projectworlds Austria. SQL injection vulnerability exists in Projectworlds Hospital Management System version 1.0, which can be exploited by attackers via the "hms -staff.php" in "email parameter" to perform SQL...

9.8CVSS4AI score0.00245EPSS

Exploits1References1

NVD•added 2021/12/22 6:15 p.m.•9 views

CVE-2021-43628

Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php...

9.8CVSS0.00245EPSS

Exploits1References2

CNNVD•added 2021/12/22 12:0 a.m.•1 views

Projectworlds Hospital Management System SQL注入漏洞

9.8CVSS5.9AI score0.00245EPSS

Exploits1References2

OSV•added 2021/11/30 2:15 p.m.•9 views

CVE-2021-41678

A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. An attacker can then issue the SQL command through the /opensis/modules/users/Staff.php, staffTITLE parameter...

9.8CVSS8AI score

Exploits0References1

NVD•added 2021/11/30 2:15 p.m.•10 views

CVE-2021-41678

9.8CVSS0.00905EPSS

Exploits1References1

Openbugbounty•added 2018/10/31 6:14 a.m.•14 views

quantumlah.org XSS vulnerability

Open Bug Bounty ID: OBB-693253 Description| Value ---|--- Affected Website:| quantumlah.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.2AI score

Exploits0

Prion•added 2009/09/11 4:30 p.m.•6 views

Sql injection

Multiple SQL injection vulnerabilities in OneCMS 2.4, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the 1 username parameter $usernameb variable to alogin.php or 2 user parameter to staff.php...

6.8CVSS9.3AI score0.00981EPSS

Exploits1References10Affected Software1

Packet Storm•added 2007/01/13 12:0 a.m.•18 views

fcCMS10-xss.txt

Fix & Chips CMS v1.0 http://software.fixnchipsit.com/ Vulnerable files: staff.php delete-announce.php new-customer.php search.php client-results.php -------------------------------------------- staff.php XSS User input in the Announcement box isn't properly sanatized before being generated. A few...

7.4AI score

Exploits0

Prion•added 2007/01/09 6:28 p.m.•11 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Fix and Chips CMS 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 id parameter in a delete-announce.php; the 2 Announcement form field in b staff.php; the 3 Client Name, 4 Business Name, 5 Street, 6 Address 2, 7...

6CVSS6.1AI score0.02686EPSS

Exploits0References10Affected Software1

Cvelist•added 2007/01/09 6:0 p.m.•15 views

CVE-2007-0146

5.9AI score0.02686EPSS

Exploits0References10

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by