CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/06/07 10:30 p.m.•8 views

CVE-2026-11464

3.1CVSS4.8AI score0.00321EPSS

Vulnrichment•added 2026/06/07 10:30 p.m.•7 views

CVE-2026-11464 JeecgBoot User List Endpoint SysUserController.java queryPageList information disclosure

3.1CVSS4.9AI score0.00321EPSS

CNNVD•added 2026/06/07 12:0 a.m.•5 views

JeecgBoot 访问控制错误漏洞

JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. JeecgBoot versions 3.9.2 and earlier contain an access control vulnerability. This vulnerability stems from the function queryPageList in the User List Endpoint component, which process...

3.1CVSS4.7AI score0.00321EPSS

RedhatCVE•added 2026/06/05 7:14 p.m.•6 views

CVE-2026-40436

The ZTE ZXEDM iEMS product has a password reset vulnerability for any user.Because the management of the cloud EMS portal does not properly control access to the user list acquisition function, attackers can read all user list information through the user list interface. Attackers can reset the...

7.5CVSS5.5AI score0.00191EPSS

NVD•added 2026/05/16 4:16 p.m.•11 views

CVE-2020-37240

Queue Management System 4.0.0 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through user creation fields. Attackers can insert JavaScript payloads in the First Name, Last Name, and Email fields during user creation, which...

6.4CVSS0.00243EPSS

EUVD•added 2026/05/16 3:25 p.m.•8 views

EUVD-2020-31243

ATTACKERKB•added 2026/05/16 3:25 p.m.•5 views

CVE-2020-37240

Exploits0References4Affected Software1

Vulnrichment•added 2026/05/16 3:25 p.m.•8 views

CVE-2020-37240 Queue Management System 4.0.0 Stored XSS via Add User

CVE•added 2026/05/16 3:25 p.m.•12 views

CVE-2020-37240

CVE-2020-37240 affects Queue Management System 4.0.0 with a stored XSS flaw in the Add User workflow. Authenticated administrators can inject JavaScript via First Name, Last Name, or Email during user creation, with payloads executing on the User List page. CVSS-4.0 vector yields 5.1 (MEDIUM), an...

Cvelist•added 2026/05/16 3:25 p.m.•31 views

CVE-2020-37240 Queue Management System 4.0.0 Stored XSS via Add User

6.4CVSS0.00243EPSS

CNNVD•added 2026/05/16 12:0 a.m.•7 views

CodeKernel Token - Queue Management System 跨站脚本漏洞

CodeKernel Token - Queue Management System is a Laravel-based queueing and customer waiting list management system developed by CodeKernel. Version 4.0.0 of CodeKernel Token - Queue Management System contains a cross-site scripting vulnerability. This vulnerability stems from storage-type...

Positive Technologies•added 2026/05/16 12:0 a.m.•15 views

PT-2026-41440

RedhatCVE•added 2026/05/04 8:21 p.m.•4 views

Exploits0References5

CVE-2026-7672

A security vulnerability has been detected in youlaitech youlai-boot up to 2.21.1. This affects the function getUserList of the file src/main/java/com/youlai/boot/system/controller/UserController.java of the component Users Endpoint. Such manipulation of the argument order leads to sql injection...

6.5CVSS6.3AI score0.00246EPSS

NVD•added 2026/04/13 7:16 a.m.•3 views

CVE-2026-40436

7.5CVSS0.00191EPSS

Vulnrichment•added 2026/04/13 6:31 a.m.•1 views

CVE-2026-40436 ZTE ZXEDM iEMS product has a password reset vulnerability

7.1CVSS5.8AI score0.00191EPSS