CVE & Exploit Intelligence Database


Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

338,223 CVEs tracked | 53,271 with exploits | 4,730 exploited in wild | 1,542 CISA KEV | 3,929 Nuclei templates | 37,826 vendors | 42,547 researchers
57 results
CVE-2025-3743 5.3 MEDIUM EPSS 0.01
Upsell Funnel Builder <3.0.0 - Info Disclosure
The Upsell Funnel Builder for WooCommerce plugin for WordPress is vulnerable to order manipulation in all versions up to, and including, 3.0.0. This is due to the plugin allowing the additional product ID and discount field to be manipulated prior to processing via the 'add_offer_in_cart' function. This makes it possible for unauthenticated attackers to arbitrarily update the product associated with any order bump, and arbitrarily update the discount applied to any order bump item, when adding it to the cart.
CWE-472 Apr 25, 2025
CVE-2025-3530 7.5 HIGH EPSS 0.01
WordPress Simple Shopping Cart <5.1.2 - Info Disclosure
The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to product price manipulation in all versions up to, and including, 5.1.2. This is due to a logic flaw involving the inconsistent use of parameters during the cart addition process. The plugin uses the parameter 'product_tmp_two' for computing a security hash against price tampering while using 'wspsc_product' to display the product, allowing an unauthenticated attacker to substitute details from a cheaper product and bypass payment for a more expensive item.
CWE-472 Apr 23, 2025
CVE-2025-31327 4.3 MEDIUM EPSS 0.00
SAP Field Logistics - Data Tampering
SAP Field Logistics Manage Logistics application OData meta-data property is vulnerable to data tampering, due to which certain fields could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability are not impacted.
CWE-472 Apr 22, 2025
CVE-2025-32816 3.1 LOW EPSS 0.00
CodeLit CourseLit <0.57.5 - Info Disclosure
CodeLit CourseLit before 0.57.5 allows Parameter Tampering via a payment plan associated with the wrong entity.
CWE-472 Apr 11, 2025
CVE-2025-31333 4.3 MEDIUM EPSS 0.00
SAP S4CORE - Info Disclosure
SAP S4CORE OData meta-data property is vulnerable to data tampering, due to which entity set could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability are not impacted.
CWE-472 Apr 08, 2025
CVE-2025-30152 6.5 MEDIUM 1 Writeup EPSS 0.00
Sylius PayPal Plugin <2.0.2 - Info Disclosure
The Sylius PayPal Plugin is the Sylius Core Team’s plugin for the PayPal Commerce Platform. Prior to 1.6.2, 1.7.2, and 2.0.2, a discovered vulnerability allows users to modify their shopping cart after completing the PayPal Checkout process and payment authorization. If a user initiates a PayPal transaction from a product page or the cart page and then returns to the order summary page, they can still manipulate the cart contents before finalizing the order. As a result, the order amount in Sylius may be higher than the amount actually captured by PayPal, leading to a scenario where merchants deliver products or services without full payment. The issue is fixed in versions: 1.6.2, 1.7.2, 2.0.2 and above.
CWE-472 Mar 19, 2025
CVE-2025-30236 8.6 HIGH EPSS 0.00
Shearwater SecurEnvoy SecurAccess <9.4.515 - Auth Bypass
Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 allows authentication through only a six-digit TOTP code (skipping a password check) if an HTTP POST request contains a SESSION parameter.
CWE-472 Mar 19, 2025
CVE-2025-29788 6.5 MEDIUM 1 Writeup EPSS 0.01
Sylius PayPal Plugin <2.0.1 - Info Disclosure
The Sylius PayPal Plugin is the Sylius Core Team’s plugin for the PayPal Commerce Platform. A vulnerability in versions prior to 1.6.1, 1.7.1, and 2.0.1 allows users to manipulate the final payment amount processed by PayPal. If a user modifies the item quantity in their shopping cart after initiating the PayPal Express Checkout process, PayPal will not receive the updated total amount. As a result, PayPal captures only the initially transmitted amount, while Sylius incorrectly considers the order fully paid based on the modified total. This flaw can be exploited both accidentally and intentionally, potentially enabling fraud by allowing customers to pay less than the actual order value. Attackers can intentionally pay less than the actual total order amount, business owners may suffer financial losses due to underpaid orders, and the integrity of payment processing is compromised. The issue is fixed in versions 1.6.1, 1.7.1, 2.0.1, and above. To resolve the problem in the end application without updating to the newest patches, there is a need to overwrite `ProcessPayPalOrderAction`, `CompletePayPalOrderFromPaymentPageAction`, and `CaptureAction` with modified logic.
CWE-472 Mar 17, 2025
CVE-2025-26312 EPSS 0.00
SendQuick Entera <11HF5 - Auth Bypass
SendQuick Entera devices before 11HF5 are vulnerable to CAPTCHA bypass by removing the Captcha parameter.
CWE-472 Mar 14, 2025
CVE-2025-27893 1.8 LOW 1 PoC Analysis EPSS 0.00
Archer Platform <6.14.00202.10024 - Privilege Escalation
In Archer Platform 6 through 6.14.00202.10024, an authenticated user with record creation privileges can manipulate immutable fields, such as the creation date, by intercepting and modifying a Copy request via a GenericContent/Record.aspx?id= URI. NOTE: the Supplier analyzed the reported exploitation steps and found that, although the user can modify the immutable field, upon switching to View mode the field is reverted to its original value, without anything being saved to the database (and consequently there is no impact).
CWE-472 Mar 11, 2025
CVE-2025-25382 7.5 HIGH 1 Writeup EPSS 0.00
Information Kerala Mission SANCHAYA <3.0.4 - Info Disclosure
An issue in the Property Tax Payment Portal in Information Kerala Mission SANCHAYA v3.0.4 allows attackers to arbitrarily modify payment amounts via a crafted request.
CWE-472 Mar 10, 2025
CVE-2025-0436 8.8 HIGH EPSS 0.01
Google Chrome <132.0.6834.83 - Heap Corruption
Integer overflow in Skia in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CWE-472 Jan 15, 2025
CVE-2025-22384 7.5 HIGH EPSS 0.00
Optimizely Configured Commerce <5.2.2408 - Info Disclosure
An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue concerning business logic exists in the Commerce B2B application, which allows storefront visitors to purchase discontinued products in specific scenarios where requests are altered before reaching the server.
CWE-472 Jan 04, 2025
CVE-2024-50703 5.4 MEDIUM 1 Writeup EPSS 0.00
TeamPass <3.1.3.1 - Privilege Escalation
TeamPass before 3.1.3.1 does not properly prevent a user from acting with the privileges of a different user_id.
CWE-472 Dec 30, 2024
CVE-2024-12123 EPSS 0.00
Issuetrak 17.1 - Auth Bypass
A hidden field manipulation vulnerability was identified in Issuetrak version 17.1 that could be triggered by an authenticated user. When an authenticated user submits a ticket, the request can be intercepted and subsequently modified by using a proxy. The ticket requester can be changed from the original requester to another user in the same application, which the application then accepts.
CWE-837 Dec 04, 2024
CVE-2024-7025 8.8 HIGH EPSS 0.00
Google Chrome < 129.0.6668.89 - Integer Overflow
Integer overflow in Layout in Google Chrome prior to 129.0.6668.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CWE-190 Nov 27, 2024
CVE-2024-9123 8.8 HIGH EPSS 0.00
Google Chrome < 129.0.6668.70 - Integer Overflow
Integer overflow in Skia in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
CWE-190 Sep 25, 2024
CVE-2024-6010 5.3 MEDIUM EPSS 0.00
Cost Calculator Builder PRO <3.2.1 - Info Disclosure
The Cost Calculator Builder PRO plugin for WordPress is vulnerable to price manipulation in all versions up to, and including, 3.2.1. This is due to the plugin allowing the price field to be manipulated prior to processing via the 'create_cc_order' function, called from the Cost Calculator Builder plugin. This makes it possible for unauthenticated attackers to manipulate the price of orders submitted via the calculator. Note: this vulnerability was partially patched with the release of Cost Calculator Builder version 3.2.17.
CWE-472 Sep 07, 2024
CVE-2023-38520 6.5 MEDIUM EPSS 0.00
PINPOINT.WORLD Pinpoint Booking System <2.9.9.3.4 - XSS
External Control of Assumed-Immutable Web Parameter vulnerability in PINPOINT.WORLD Pinpoint Booking System allows Functionality Misuse. This issue affects Pinpoint Booking System: from n/a through 2.9.9.3.4.
CWE-472 Jun 04, 2024
CVE-2023-24373 3.7 LOW EPSS 0.01
WpDevArt Booking calendar <3.2.3 - XSS
External Control of Assumed-Immutable Web Parameter vulnerability in WpDevArt Booking calendar, Appointment Booking System allows Manipulating Hidden Fields. This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.3.
CWE-472 Jun 03, 2024