CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-5642

Malicious code in bioql PyPI...

3.5CVSS9.2AI score0.00339EPSS

Exploits0References9

NVD•added 2025/10/01 5:15 p.m.•1 views

CVE-2025-20367

In Splunk Enterprise versions below 9.4.4, 9.3.6 and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.109, 9.3.2408.119 and 9.2.2406.122, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could craft a malicious payload through the dataset.command parameter of t...

5.7CVSS0.00046EPSS

Exploits0References1

Kitploit•added 2024/03/17 11:30 a.m.•23 views

mapXplore - Allow Exporting The Information Downloaded With Sqlmap To A Relational Database Like Postgres And Sqlite

mapXplore is a modular application that imports data extracted of the sqlmap to PostgreSQL or SQLite database. Its main features are: Import of information extracted from sqlmap to PostgreSQL or SQLite for subsequent querying. Sanitized information, which means that at the time of import, it...

6.9AI score

Exploits0References4

RedHat Linux•added 2023/11/07 9:3 a.m.•2 views

kernel: drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios()

A reference leak flaw was found in the Linux kernel's Radeon graphics driver in the BIOS retrieval logic. A local user on systems with AMD Radeon graphics hardware can trigger this issue when the driver searches for ACPI firmware tables and exits the search loop with an acquired PCI device...

5.5CVSS7.2AI score0.00016EPSS

Exploits0References5

SUSE CVE•added 2023/02/15 5:26 a.m.•1 views

SUSE CVE-2014-7217

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, and 4.2.x before 4.2.9.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted ENUM value that is improperly handled during rendering of the 1 table search...

3.5CVSS5.7AI score0.00339EPSS

Exploits0References3

OSV•added 2022/05/17 3:57 a.m.•18 views

GHSA-WV8G-FX9J-Q2JG phpMyAdmin cross-site scripting Vulnerability via ENUM value

3.5CVSS5.8AI score0.00339EPSS

Exploits0References6

Github Security Blog•added 2022/05/17 3:57 a.m.•18 views

phpMyAdmin cross-site scripting Vulnerability via ENUM value

3.5CVSS5.6AI score0.00339EPSS

Exploits0References7Affected Software1

WPVulnDB•added 2021/02/08 12:0 a.m.•15 views

Data Tables Generator by Supsystic < 1.10.0 - Authenticated SQL Injection

The POST parameter "datasearchtextlike" was used in a SQL statement without being sanitised when searching for Tables in the dashboard, leading to an authenticated SQL Injection issue. PoC POST /wp-admin/admin-ajax.php HTTP/1.1 Host: example.com User-Agent: YOLO Accept: / Accept-Language:...

8.1AI score

Exploits0References1Affected Software1

UbuntuCve•added 2016/07/03 1:59 a.m.•38 views

CVE-2016-5734

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the pregreplace e aka eval modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table...

9.8CVSS7.4AI score0.87019EPSS

Exploits8References2

Cvelist•added 2016/07/03 1:0 a.m.•27 views

CVE-2016-5734

9.6AI score0.87019EPSS

Exploits8References6

Debian CVE•added 2016/07/03 1:0 a.m.•37 views

CVE-2016-5734

9.8CVSS9.7AI score0.87019EPSS

Exploits8

OSV•added 2016/03/01 11:59 a.m.•1 views

DEBIAN-CVE-2016-2560

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted Host HTTP header, related to libraries/Config.class.php; 2 crafted JSON data, relat...

6.1CVSS6.4AI score0.0134EPSS

Exploits0References1

NVD•added 2015/08/24 11:59 p.m.•15 views

CVE-2015-6243

The dissector-table implementation in epan/packet.c in Wireshark 1.12.x before 1.12.7 mishandles table searches for empty strings, which allows remote attackers to cause a denial of service application crash via a crafted packet, related to the 1 dissectorgetstringhandle and 2...

4.3CVSS5.5AI score0.00661EPSS

Exploits0References11

Typo3•added 2014/11/05 12:0 a.m.•104 views

Cross-Site Scripting vulnerability in extension phpMyAdmin (phpmyadmin)

It has been discovered that the extension "phpMyAdmin" phpmyadmin is susceptible to Cross-Site Scripting. Release Date: November 5, 2014 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: 4.18.0, 4.18.1, 4.18.2 and 4.18.3...

3.5CVSS6.1AI score0.00339EPSS

Exploits0Affected Software1

OSV•added 2014/10/07 9:22 a.m.•3 views

MGASA-2014-0402 Updated phpmyadmin package fixes security vulnerability

In phpMyAdmin before 4.1.14.4, with a crafted ENUM value it is possible to trigger an XSS in table search and table structure pages CVE-2014-7217...

3.5CVSS5.5AI score0.00339EPSS

Exploits0References3

OSV•added 2014/10/03 1:55 a.m.•1 views

DEBIAN-CVE-2014-7217

3.5CVSS8.2AI score0.00339EPSS

Exploits0References1

OSV•added 2014/10/03 1:55 a.m.•1 views

UBUNTU-CVE-2014-7217

3.5CVSS7.3AI score0.00339EPSS

Exploits0References5

Prion•added 2014/10/03 1:55 a.m.•14 views

Cross site scripting

3.5CVSS5.5AI score0.00339EPSS

Exploits0References6Affected Software1

UbuntuCve•added 2014/10/03 1:55 a.m.•19 views

CVE-2014-7217

3.5CVSS7.2AI score0.00339EPSS

Exploits0References4

CVE•added 2014/10/03 1:0 a.m.•57 views

CVE-2014-7217

CVE-2014-7217 corresponds to multiple XSS vulnerabilities in phpMyAdmin: remote authenticated users could inject arbitrary web script via a crafted ENUM value during rendering of the table search or table structure pages. The issue affects phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, ...

3.5CVSS5.1AI score0.00339EPSS

Exploits0References6Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by