CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/06/04 12:0 a.m.•14 views

PT-2026-46213

Name of the Vulnerable Software and Affected Versions Soliloquy Lite version 2.5.6 Description A persistent cross-site scripting issue allows authenticated attackers to inject malicious scripts by inserting script tags into the post title field. This is achieved by submitting POST requests to the...

5.4CVSS4.8AI score0.00171EPSS

Exploits0References7

Positive Technologies•added 2026/06/04 12:0 a.m.•12 views

PT-2026-46328

Unauthenticated PHP Object Injection in Reisen = 1.4.1 versions...

9.8CVSS5.3AI score0.00386EPSS

Positive Technologies•added 2026/06/04 12:0 a.m.•13 views

PT-2026-46324

Unauthenticated Local File Inclusion in Rosaleen = 2.8 versions...

Positive Technologies•added 2026/06/04 12:0 a.m.•12 views

PT-2026-46340

Unauthenticated Local File Inclusion in Especio = 1.0 versions...

Positive Technologies•added 2026/06/04 12:0 a.m.•14 views

PT-2026-46377

Unauthenticated Local File Inclusion in Etude = 1.6 versions...

8.1CVSS5.2AI score0.00348EPSS

Positive Technologies•added 2026/06/04 12:0 a.m.•12 views

PT-2026-46356

Unauthenticated Local File Inclusion in Putter = 1.17 versions...

Positive Technologies•added 2026/06/04 12:0 a.m.•13 views

PT-2026-46370

Unauthenticated Local File Inclusion in Gunslinger = 1.7 versions...

Positive Technologies•added 2026/06/04 12:0 a.m.•12 views

PT-2026-46351

Unauthenticated Local File Inclusion in Abelle = 1.22 versions...

Positive Technologies•added 2026/06/04 12:0 a.m.•10 views

PT-2026-46346

Unauthenticated Local File Inclusion in Wanium = 1.9.8 versions...

Positive Technologies•added 2026/06/04 12:0 a.m.•12 views

PT-2026-46326

Unauthenticated Local File Inclusion in Raider Spirit = 1.1.2 versions...

Positive Technologies•added 2026/06/04 12:0 a.m.•12 views

PT-2026-46355

Unauthenticated Local File Inclusion in Dom = 1.24 versions...

8.1CVSS5.2AI score0.00348EPSS

Positive Technologies•added 2026/06/04 12:0 a.m.•12 views

PT-2026-46348

Subscriber Privilege Escalation in Genemy = 1.6.6 versions...

8.8CVSS5.2AI score0.00389EPSS

Positive Technologies•added 2026/06/04 12:0 a.m.•11 views

PT-2026-46368

Unauthenticated Local File Inclusion in Skyward = 1.10 versions...

8.1CVSS5.2AI score0.00348EPSS

Positive Technologies•added 2026/06/04 12:0 a.m.•16 views

PT-2026-46212

Name of the Vulnerable Software and Affected Versions Zoner Real Estate version 4.1.1 Description A persistent cross-site scripting issue exists where authenticated agents can inject malicious JavaScript payloads through the Address input field during property creation. These scripts execute when...

5.4CVSS4.9AI score0.00171EPSS

Exploits0References7

Positive Technologies•added 2026/06/04 12:0 a.m.•13 views

PT-2026-46215

WordPress Plugin Google Review Slider 6.1 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'tid' parameter. Attackers can send GET requests to the admin interface with malicious 'tid'...

8.8CVSS5.9AI score0.00262EPSS

Exploits0References4

Positive Technologies•added 2026/06/04 12:0 a.m.•12 views

PT-2026-46197

WordPress Plugin ad manager wd 1.0.11 contains an arbitrary file download vulnerability that allows unauthenticated attackers to download sensitive files by manipulating the path parameter. Attackers can send GET requests to the edit.php endpoint with export=export csv and a malicious path...

9.8CVSS5.9AI score0.0046EPSS

Exploits0References4

Positive Technologies•added 2026/06/04 12:0 a.m.•11 views

PT-2026-46334

Unauthenticated Local File Inclusion in Ingenioso = 1.14.0 versions...

Positive Technologies•added 2026/06/04 12:0 a.m.•11 views

PT-2026-46382

Unauthenticated Privilege Escalation in Support Ticket Management System = 1.9 versions...

9.8CVSS5.2AI score0.0045EPSS