7957 matches found

CNNVD
added 2026/04/06 12:0 a.m. | 3 views

WeGIA SQL injection vulnerability

WeGIA is a network manager for the welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.6.9 contained an SQL injection vulnerability. This vulnerability stemmed from the idmemorando parameter in the dao/memorando/DespachoDAO.php file being used in SQL queries without...

8.8 CVSS | 5.9 AI score | 0.00012 EPSS
Exploits: 1 | References: 2

Positive Technologies
added 2026/04/06 12:0 a.m. | 3 views

PT-2026-30599

A vulnerability has been found in code-projects Online Application System for Admission 1.0. This issue affects some unknown processing of the file /enrollment/admsnform.php of the component Endpoint. Such manipulation leads to sql injection. The attack can be executed remotely. The exploit has...

6.5 CVSS | 6.4 AI score | 0.00012 EPSS
Exploits: 0 | References: 6

EUVD
added 2026/04/05 9:30 p.m. | 2 views

EUVD-2019-20097

Xlight FTP Server 3.9.1 contains a structured exception handler SEH overwrite vulnerability that allows local attackers to crash the application and overwrite SEH pointers by supplying a crafted buffer string. Attackers can inject a 428-byte payload through the program execution field in virtual...

8.6 CVSS | 6.4 AI score | 0.00022 EPSS
Exploits: 1 | References: 5

EUVD
added 2026/04/05 9:30 p.m. | 3 views

EUVD-2019-20095

Advance Gift Shop Pro Script 2.0.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the search parameter. Attackers can submit crafted SQL payloads in the 's' parameter of search requests to extract...

8.8 CVSS | 6.2 AI score | 0.00141 EPSS
Exploits: 1 | References: 4

EUVD
added 2026/04/05 9:30 p.m. | 2 views

EUVD-2019-20115

Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the user2reset parameter. Attackers can send crafted requests with malicious SQL payloads to extract sensitive database information or modi...

8.8 CVSS | 6 AI score | 0.00035 EPSS
Exploits: 1 | References: 5

EUVD
added 2026/04/05 9:30 p.m. | 2 views

EUVD-2019-20119

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the idtodelete parameter. Attackers can send crafted requests with malicious SQL statements in the idtodelete field to extract or modify sensitive database...

8.8 CVSS | 6 AI score | 0.00042 EPSS
Exploits: 1 | References: 5

EUVD
added 2026/04/05 9:30 p.m. | 4 views

EUVD-2019-20093

RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling SEH buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain a...

8.5 CVSS | 6.8 AI score | 0.00011 EPSS
Exploits: 1 | References: 5

EUVD
added 2026/04/05 9:30 p.m. | 3 views

EUVD-2019-20075

River Past Video Cleaner 7.6.3 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lameenc.dll field. Attackers can craft a payload with 280 bytes of padding, a next structured exception...

8.6 CVSS | 6.8 AI score | 0.0002 EPSS
Exploits: 1 | References: 4

EUVD
added 2026/04/05 9:30 p.m. | 2 views

EUVD-2019-20048

R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler SEH overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to...

8.6 CVSS | 6.7 AI score | 0.0002 EPSS
Exploits: 0 | References: 5

NVD
added 2026/04/05 9:16 p.m. | 2 views

CVE-2019-25679

RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling SEH buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain a...

8.5 CVSS | 0.00011 EPSS
Exploits: 1 | References: 4

NVD
added 2026/04/05 9:16 p.m. | 1 view

CVE-2019-25661

Remote Process Explorer 1.0.0.16 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by sending a crafted payload to the Add Computer dialog. Attackers can paste a malicious string into the computer name textbox and trigger a crash by connecting to th...

6.9 CVSS | 0.00017 EPSS
Exploits: 0 | References: 3

NVD
added 2026/04/05 9:16 p.m. | 1 view

CVE-2019-25663

SuiteCRM 7.10.7 contains a SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the parentTab parameter. Attackers can send GET requests to the email module with malicious parentTab values using boolean-based SQL injection...

7.1 CVSS | 0.00067 EPSS
Exploits: 1 | References: 4

NVD
added 2026/04/05 9:16 p.m. | 2 views

CVE-2019-25656

R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler SEH overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to...

8.6 CVSS | 0.0002 EPSS
Exploits: 0 | References: 4

NVD
added 2026/04/05 9:16 p.m. | 2 views

CVE-2018-25256

IP TOOLS 2.50 contains a local buffer overflow vulnerability in the SNMP Scanner component that allows local attackers to crash the application by supplying oversized input. Attackers can paste malicious data into the 'From Addr' and 'To Addr' fields and trigger the crash by clicking the Start...

6.8 CVSS | 0.00022 EPSS
Exploits: 1 | References: 3

UbuntuCve
added 2026/04/05 9:16 p.m. | 0 views

CVE-2019-25656

R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler SEH overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to...

8.6 CVSS | 6.5 AI score | 0.0002 EPSS
Exploits: 0 | References: 5

OSV
added 2026/04/05 9:16 p.m. | 1 view

UBUNTU-CVE-2019-25656

R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler SEH overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to...

8.6 CVSS | 6.6 AI score | 0.0002 EPSS
Exploits: 0 | References: 6

Vulnrichment
added 2026/04/05 8:45 p.m. | 0 views

CVE-2019-25704 Kados R10 GreenBee SQL Injection via filter_user_mail

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the filter_user_mail parameter. Attackers can send crafted requests with malicious SQL statements to extract sensitive database information or modify data...

8.8 CVSS | 6 AI score | 0.00042 EPSS
Exploits: 1 | References: 4

CVE
added 2026/04/05 8:45 p.m. | 4 views

CVE-2019-25700

Summary: CVE-2019-25700 affects Kados R10 GreenBee, where an SQL injection vulnerability exists via the sort_direction parameter. The root cause is unsafely constructed database queries that allow attacker-controlled SQL code to be injected. Impact (as stated): attackers could extract sensitive d...

9.1 CVSS | 6 AI score | 0.00044 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

CVE
added 2026/04/05 8:45 p.m. | 4 views

CVE-2019-25702

Kados R10 GreenBee is affected by an SQL injection via the id_project parameter. The vulnerability allows attackers to manipulate database queries to exfiltrate data or modify data. Known CVE records provide CVSS v3.1 (8.2, HIGH) and CVSS v4.0 (8.8, HIGH) impact metrics, with NETWORK attack vecto...

9.1 CVSS | 6 AI score | 0.00042 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

Vulnrichment
added 2026/04/05 8:45 p.m. | 0 views

CVE-2019-25692 Kados R10 GreenBee SQL Injection via id_to_modify Parameter

Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the 'id_to_modify' parameter. Attackers can send crafted requests with malicious SQL statements in the id_to_modify field to extract sensitive database...

8.8 CVSS | 6 AI score | 0.00042 EPSS
Exploits: 1 | References: 4