CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4329 matches found

NVD•added 2025/05/31 4:15 a.m.•13 views

CVE-2025-5368

A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. This issue affects some unknown processing of the file /expense-yearwise-reports-detailed.php. The manipulation of the argument todate leads to sql injection. The attack may be initiated...

8.8CVSS0.00342EPSS

Exploits1References5

OSV•added 2025/05/31 4:15 a.m.•8 views

CVE-2025-5368

8.8CVSS5.8AI score0.00342EPSS

Exploits1References5

Cvelist•added 2025/05/31 4:0 a.m.•12 views

CVE-2025-5368 PHPGurukul Daily Expense Tracker System expense-yearwise-reports-detailed.php sql injection

6.5CVSS0.00342EPSS

Exploits1References5

Vulnrichment•added 2025/05/31 4:0 a.m.•8 views

CVE-2025-5368 PHPGurukul Daily Expense Tracker System expense-yearwise-reports-detailed.php sql injection

6.5CVSS6.8AI score0.00342EPSS

Exploits1References5

CVE•added 2025/05/31 4:0 a.m.•62 views

CVE-2025-5368

PHPGurukul Daily Expense Tracker System v1.1 contains a SQL injection vulnerability in /expense-yearwise-reports-detailed.php caused by unsafely handling the todate parameter. Exploitation is remote and publicly disclosed. Several sources associate this CVE with high-severity impact (credit in so...

8.8CVSS6.8AI score0.00342EPSS

Exploits1References5Affected Software1

CNNVD•added 2025/05/31 12:0 a.m.•2 views

PHPGurukul Daily Expense Tracker System 安全漏洞

Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. Daily Expense Tracker System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter todate in the file...

8.8CVSS7AI score0.00342EPSS

Exploits1References7

OSV•added 2025/05/28 6:15 p.m.•1 views

DEBIAN-CVE-2025-30087

Best Practical RT Request Tracker 4.4 through 4.4.7 and 5.0 through 5.0.7 allows XSS via injection of crafted parameters in a search URL...

6.1CVSS5.1AI score0.00258EPSS

Exploits0References1

OSV•added 2025/05/28 6:15 p.m.•1 views

DEBIAN-CVE-2025-31501

Best Practical RT Request Tracker 5.0 through 5.0.7 allows XSS via JavaScript injection in an RT permalink...

6.1CVSS5AI score0.00202EPSS

Exploits0References1

OSV•added 2025/05/28 6:15 p.m.•3 views

CVE-2025-30087

Best Practical RT Request Tracker 4.4 through 4.4.7 and 5.0 through 5.0.7 allows XSS via injection of crafted parameters in a search URL...

6.1CVSS6.2AI score

Exploits0References4

NVD•added 2025/05/28 6:15 p.m.•9 views

CVE-2025-30087

Best Practical RT Request Tracker 4.4 through 4.4.7 and 5.0 through 5.0.7 allows XSS via injection of crafted parameters in a search URL...

7.2CVSS0.00258EPSS

Exploits0References4

OSV•added 2025/05/28 6:15 p.m.•2 views

DEBIAN-CVE-2025-31500

Best Practical RT Request Tracker 5.0 through 5.0.7 allows XSS via JavaScript injection in an Asset name...

6.1CVSS5AI score0.00202EPSS

Exploits0References1

OSV•added 2025/05/28 6:15 p.m.•1 views

UBUNTU-CVE-2025-31501

Best Practical RT Request Tracker 5.0 through 5.0.7 allows XSS via JavaScript injection in an RT permalink...

7.2CVSS5.8AI score0.00202EPSS

Exploits0References3

OSV•added 2025/05/28 6:15 p.m.•2 views

UBUNTU-CVE-2025-31500

Best Practical RT Request Tracker 5.0 through 5.0.7 allows XSS via JavaScript injection in an Asset name...

7.2CVSS5.8AI score0.00202EPSS

Exploits0References3

OSV•added 2025/05/28 6:15 p.m.•2 views

UBUNTU-CVE-2025-30087

Best Practical RT Request Tracker 4.4 through 4.4.7 and 5.0 through 5.0.7 allows XSS via injection of crafted parameters in a search URL...

7.2CVSS5.8AI score0.00258EPSS

Exploits0References3

Debian•added 2025/05/28 5:35 p.m.•12 views

[SECURITY] [DSA 5926-1] firefox-esr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5926-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 28, 2025 https://www.debian.org/security/faq -...

8.1CVSS7.4AI score0.00398EPSS

Exploits0

CVE•added 2025/05/28 12:0 a.m.•69 views

CVE-2025-30087

Best Practical RT (Request Tracker) is affected by CVE-2025-30087: versions 4.4 through 4.4.7 and 5.0 through 5.0.7 are vulnerable to cross-site scripting (XSS) via crafted parameters in a search URL. The connected documents confirm this vulnerability as an RT issue and reference release notes su...

7.2CVSS6.1AI score0.00258EPSS

Exploits0References4Affected Software1

Cvelist•added 2025/05/28 12:0 a.m.•10 views

CVE-2025-30087

Best Practical RT Request Tracker 4.4 through 4.4.7 and 5.0 through 5.0.7 allows XSS via injection of crafted parameters in a search URL...

7.2CVSS0.00258EPSS

Exploits0References3

Vulnrichment•added 2025/05/28 12:0 a.m.•7 views

CVE-2025-30087

Best Practical RT Request Tracker 4.4 through 4.4.7 and 5.0 through 5.0.7 allows XSS via injection of crafted parameters in a search URL...

7.2CVSS6.8AI score0.00258EPSS

Exploits0References3

Cvelist•added 2025/05/28 12:0 a.m.•11 views

CVE-2025-31500

Best Practical RT Request Tracker 5.0 through 5.0.7 allows XSS via JavaScript injection in an Asset name...

7.2CVSS0.00202EPSS

Exploits0References2

CVE•added 2025/05/28 12:0 a.m.•66 views

CVE-2025-31501

Best Practical RT (Request Tracker) 5.0–5.0.7 is affected by an XSS vulnerability via JavaScript injection in an RT permalink. The issue is documented across multiple feeds as CVE-2025-31501 with exposure to remote users, and the impact described is cross-site scripting with low confidentiality/i...

7.2CVSS6.1AI score0.00202EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by