Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (5 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2019-25707 1 Ebrigade 1 Ebrigade 2026-04-13 7.1 High
eBrigade ERP 4.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to pdf.php with crafted SQL payloads in the 'id' parameter to extract sensitive database information including table names and schema details.
CVE-2019-9622 1 Ebrigade 1 Ebrigade 2024-11-21 N/A
eBrigade through 4.5 allows Arbitrary File Download via ../ directory traversal in the showfile.php file parameter, as demonstrated by reading the user-data/save/backup.sql file.
CVE-2019-16745 1 Ebrigade 1 Ebrigade 2024-11-21 8.8 High
eBrigade before 5.0 has evenement_choice.php chxCal SQL Injection.
CVE-2019-16744 1 Ebrigade 1 Ebrigade 2024-11-21 8.8 High
eBrigade before 5.0 has evenements.php cid SQL Injection.
CVE-2019-16743 1 Ebrigade 1 Ebrigade 2024-11-21 8.8 High
eBrigade before 5.0 has evenement_ical.php evenement SQL Injection.