CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2025/05/22 6:16 a.m.•3 views

CVE-2018-1000848

Wampserver version prior to version 3.1.5 contains a Cross Site Scripting XSS vulnerability in index.php localhost page that can result in very low. This attack appear to be exploitable via payload onmouseover. This vulnerability appears to have been fixed in 3.1.5 and later...

6.1CVSS6AI score0.0024EPSS

Openbugbounty•added 2025/04/01 5:16 p.m.•1 views

wampserver.com Cross Site Scripting vulnerability OBB-4041669

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score

NVD•added 2024/12/09 7:15 p.m.•9 views

CVE-2024-46547

7.5CVSS0.00263EPSS

Vulnrichment•added 2024/12/09 12:0 a.m.•7 views

CVE-2024-46547

7.3AI score0.00263EPSS

Cvelist•added 2024/12/09 12:0 a.m.•20 views

CVE-2024-46547

0.00263EPSS

CVE•added 2024/12/09 12:0 a.m.•71 views

CVE-2024-46547

CVE-2024-46547 affects Wampserver (Romain Bourdon) versions 3.2.3 and 3.2.6. The issue arises from improper access-control validation on the PHP Info Page, allowing unauthorized users to access sensitive information. The documented impact is data leakage. No remediation details are provided in th...

7.5CVSS6.7AI score0.00263EPSS

CNNVD•added 2024/12/09 12:0 a.m.•3 views

Wampserver 安全漏洞

Wampserver is a Windows Web development environment by Romain Bourdon Personal Developer. A security vulnerability exists in Wampserver versions 3.2.3 and 3.2.6, which stems from an incorrect permissions modification via a PHP information page that allows unauthorized users to access sensitive...

7.5CVSS6.4AI score0.00263EPSS

Packet Storm•added 2024/03/28 12:0 a.m.•276 views

Event Management 1.0 SQL Injection

Exploit Title: Event Management - SQL Injection Application: Event Management Date: 19.02.2024 Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://github.com/PuneethReddyHC Software Link: https://github.com/PuneethReddyHC/event-management Version:1.0 Attack Type: Remote Tested on...

0day.today•added 2024/02/26 12:0 a.m.•234 views

Flashcard Quiz App v1.0 - (card) SQL Injection Vulnerability

Exploit Title: Flashcard Quiz App v1.0 - 'card' SQL Injection Application: Flashcard Quiz App Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/17160/flashcard-quiz-app-using-php-and-mysql-source-code.htm...

0day.today•added 2024/02/26 12:0 a.m.•218 views

FAQ Management System v1.0 - (faq) SQL Injection Vulnerability

Exploit Title: FAQ Management System v1.0 - 'faq' SQL Injection Application: FAQ Management System Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

Packet Storm•added 2024/02/20 12:0 a.m.•287 views

Petrol Pump Management Software 1.0 Shell Upload

Exploit Title: Petrol pump management software - File Upload Remote Code Execution RCE unauthenticated Google Dork: N/A Application: Petrol pump management software Date: 20.02.2024 Bugs: File Upload Remote Code Execution RCE unauthenticated Exploit Author: SoSPiro Vendor Homepage:...

0day.today•added 2024/02/20 12:0 a.m.•285 views

Petrol Pump Management Software 1.0 Shell Upload Vulnerability

Exploit Title: Petrol pump management software - File Upload Remote Code Execution RCE unauthenticated Application: Petrol pump management software Date: 20.02.2024 Bugs: File Upload Remote Code Execution RCE unauthenticated Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/...

Exploit DB•added 2024/02/19 12:0 a.m.•297 views

Employee Management System v1 - 'email' SQL Injection

Exploit Title: Employee Management System v1 - 'email' SQL Injection Google Dork: N/A Application: Employee Management System Date: 19.02.2024 Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

0day.today•added 2024/02/05 12:0 a.m.•366 views

Bank Locker Management System SQL Injection Vulnerability

Exploit Title: Bank Locker Management System - SQL Injection Application: Bank Locker Management System Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/bank-locker-management-system-using-php-and-mysql/ Tested on: Windows ...