24 matches found
EUVD-2022-37488
Malicious code in bioql PyPI...
EUVD-2022-38994
Malicious code in bioql PyPI...
CVE-2022-34535
Digital Watchdog DW MEGApix IP cameras A7.2.220211029 allows unauthenticated attackers to view internal paths and scripts via web files...
VulnCheck KEV: CVE-2024-5178
ServiceNow has addressed a sensitive file read vulnerability that was identified in the Washington DC, Vancouver, and Utah Now Platform releases. This vulnerability could allow an administrative user to gain unauthorized access to sensitive files on the web application server. The vulnerability...
CVE-2024-6424
External server-side request vulnerability in MESbook 20221021.03 version, which could allow a remote, unauthenticated attacker to exploit the endpoint "/api/Proxy/Post?userName=&password=&uri=FILE|INTERNAL URL|IP/HOST" or "/api/Proxy/Get?userName=&password=&uri=ARCHIVO|URL INTERNA|IP/HOST" to re...
CVE-2024-6424
The CVE-2024-6424 entry describes an External server-side request vulnerability in MESbook (version 20221021.03) allowing remote, unauthenticated attackers to exploit endpoints /api/Proxy/Post?userName=&password=&uri= or /api/Proxy/Get?userName=&password=&uri= to read web-file source code, read i...
CVE-2024-6424 Server-Side Request Forgery vulnerability in MESbook
External server-side request vulnerability in MESbook 20221021.03 version, which could allow a remote, unauthenticated attacker to exploit the endpoint "/api/Proxy/Post?userName=&password=&uri=FILE|INTERNAL URL|IP/HOST" or "/api/Proxy/Get?userName=&password=&uri=ARCHIVO|URL INTERNA|IP/HOST" to re...
PT-2024-27284 · Opengnsys · Opengnsys
Name of the Vulnerable Software and Affected Versions: OpenGnsys version 1.1.1d Espeto Description: The issue allows an attacker to enumerate all files in the web tree by accessing a php file. This is an information exposure vulnerability. Recommendations: For OpenGnsys version 1.1.1d Espeto,...
Lif Authentication Server Security Vulnerability
Lif Authentication Server is a Lif Platforms open source server for authenticating Lif account logins, administrative information, and account recovery. A security vulnerability exists in versions of Lif Authentication Server prior to 1.4.0 that stems from a failure to check that files received b...
Emby Server Cross-Site Scripting Vulnerability
Emby Server is a personal media server software that supports storing, managing, and streaming personal media content with support for multiple device access. A cross-site scripting vulnerability exists in Emby Server. The vulnerability stems from some unknown handling of files/web/ and no detail...
Ovarro TBox RTU Security Vulnerability
Ovarro TBox RTUs is a modular remote monitoring and automation solution from Ovarro Germany. A security vulnerability exists in the Ovarro TBox RTUs that stems from a lack of authorization to run certain API commands, which could be exploited by an attacker to disclose sensitive information, such...
Serendipity Code Issue Vulnerability
Serendipity is a PHP-based blogging system from the Serendipity team. The system supports the creation of online journals, blogs, web pages and more. A security vulnerability exists in Serendipity version 2.4-beta1. An attacker can exploit the vulnerability to execute arbitrary code via specially...
Code injection
Digital Watchdog DW MEGApix IP cameras A7.2.220211029 allows unauthenticated attackers to view internal paths and scripts via web files...
CVE-2022-25402
An incorrect access control issue in HMS v1.0 allows unauthenticated attackers to read and modify all PHP files...
UBUNTU-CVE-2020-13239
The DMS/ECM module in Dolibarr 11.0.4 renders user-uploaded .html files in the browser when the attachment parameter is removed from the direct download link. This causes XSS...
Mail.ru: SVN repository
SVN repository for static web files was available on terrhq.ru subdomain...