161277 matches found

Hacker One
added 2026/05/10 11:9 p.m., 25 views

curl: Kerberos/SPNEGO Connection Reuse Vulnerability

Kerberos/SPNEGO Connection Reuse Vulnerability in curl. Summary: curl reuses HTTP connections across different users without checking Kerberos state. User B's request can inherit User A's GSS security context, allowing authentication bypass. Affected Versions: All curl versions with Kerberos support...

5.9 AI score
Exploits 0
Patchstack
added 2026/05/10 10:37 p.m., 7 views

WordPress Email Marketing for WooCommerce by Omnisend plugin <= 1.18.0 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by Bima Ikhsan in WordPress Plugin Email Marketing for WooCommerce by Omnisend versions <= 1.18.0...

5.8 AI score, 0.00427 EPSS
Exploits 0, Affected Software 1
EUVD
added 2026/05/10 3:31 p.m., 22 views

EUVD-2022-55969

Aero CMS 0.0.1 contains a PHP code injection vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious files through the image parameter. Attackers can upload PHP files with embedded code to the admin posts.php endpoint with source=addpost parameter, a...

8.8 CVSS, 6.1 AI score, 0.00347 EPSS
Exploits 0, References 4
GithubExploit
added 2026/05/10 3:25 p.m., 92 views

Spring4Shell-POC

ReznokWorks internal bulletin board: penetration-testing scenario PoC. Original Spring4Shell PoC http...

9.8 CVSS, 5.8 AI score, 0.99677 EPSS
Exploits 100
NVD
added 2026/05/10 1:16 p.m., 19 views

CVE-2021-47947

Projectsend r1295 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input in the 'name' parameter of files-edit.php. Attackers can inject JavaScript payloads through the file name field that execute in the...

6.4 CVSS, 0.00204 EPSS
Exploits 0, References 4
Vulnrichment
added 2026/05/10 12:43 p.m., 12 views

CVE-2021-47931 Exponent CMS 2.6 Multiple Vulnerabilities Stored XSS Authentication

Exponent CMS 2.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Title and Text Block parameters in the text editing endpoint. Attackers can inject iframe payloads with embedded SVG onload events to execute arbitrary...

6.4 CVSS, 5.9 AI score, 0.00213 EPSS
Exploits 0, References 3
CVE
added 2026/05/10 12:43 p.m., 14 views

CVE-2021-47931

Exponent CMS 2.6 is affected by a stored cross-site scripting (XSS) vulnerability in the text editing endpoint, exploitable via Title and Text Block parameters. Attackers with authentication can inject scripts (e.g., iframe payloads with embedded SVG onload events) to run arbitrary JavaScript. Th...

6.4 CVSS, 5.9 AI score, 0.00213 EPSS
Exploits 0, References 3
Cvelist
added 2026/05/10 12:43 p.m., 32 views

CVE-2021-47931 Exponent CMS 2.6 Multiple Vulnerabilities Stored XSS Authentication

Exponent CMS 2.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the Title and Text Block parameters in the text editing endpoint. Attackers can inject iframe payloads with embedded SVG onload events to execute arbitrary...

6.4 CVSS, 0.00213 EPSS
Exploits 0, References 3
GithubExploit
added 2026/05/10 12:35 p.m., 96 views

Exploit for Missing Authentication for Critical Function in Cpanel

cPanelSniper CVE-2026-41940 — c...

9.8 CVSS, 6.2 AI score, 0.981 EPSS
Exploits 64
EUVD
added 2026/05/10 12:30 p.m., 11 views

EUVD-2026-28993

A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This impacts an unknown function of the component Login RMI Interface. The manipulation of the argument clientVersion leads to improper authentication. It is possible to initiate the attack remotely. The exploi...

6.9 CVSS, 5.5 AI score, 0.00403 EPSS
Exploits 0, References 5
NVD
added 2026/05/10 10:16 a.m., 20 views

CVE-2026-8244

A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This impacts an unknown function of the component Login RMI Interface. The manipulation of the argument clientVersion leads to improper authentication. It is possible to initiate the attack remotely. The exploi...

6.9 CVSS, 0.00403 EPSS
Exploits 0, References 5
ATTACKERKB
added 2026/05/10 9:15 a.m., 7 views

CVE-2026-8244

A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This impacts an unknown function of the component Login RMI Interface. The manipulation of the argument clientVersion leads to improper authentication. It is possible to initiate the attack remotely. The exploi...

6.9 CVSS, 5.8 AI score, 0.00403 EPSS
Exploits 0, References 4, Affected Software 1
Vulnrichment
added 2026/05/10 9:15 a.m., 7 views

CVE-2026-8244 Industrial Application Software IAS Canias ERP Login RMI improper authentication

A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This impacts an unknown function of the component Login RMI Interface. The manipulation of the argument clientVersion leads to improper authentication. It is possible to initiate the attack remotely. The exploi...

6.9 CVSS, 5.8 AI score, 0.00403 EPSS
Exploits 0, References 5
Cvelist
added 2026/05/10 9:15 a.m., 47 views

CVE-2026-8244 Industrial Application Software IAS Canias ERP Login RMI improper authentication

A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This impacts an unknown function of the component Login RMI Interface. The manipulation of the argument clientVersion leads to improper authentication. It is possible to initiate the attack remotely. The exploi...

6.9 CVSS, 0.00403 EPSS
Exploits 0, References 5
EUVD
added 2026/05/10 6:30 a.m., 10 views

EUVD-2026-28977

A vulnerability was detected in Wavlink NU516U1 240425. The affected element is the function WifiBasic of the file /cgi-bin/wireless.cgi. Performing a manipulation of the argument AuthMethod/EncrypType results in os command injection. Remote exploitation of the attack is possible. The exploit is...

6.5 CVSS, 6.4 AI score, 0.04944 EPSS
Exploits 1, References 5
EUVD
added 2026/05/10 3:33 a.m., 53 views

EUVD-2026-28952

A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This issue affects the function iasServerRemoteInterface.doAction of the component Java RMI Session Management. Such manipulation leads to improper authentication. The attack can be launched remotely. The vendo...

7.5 CVSS, 6.9 AI score, 0.00391 EPSS
Exploits 0, References 4
EUVD
added 2026/05/10 3:33 a.m., 7 views

EUVD-2026-28950

A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results in improper authentication. It is possible to launch the attack remotely. The exploit has been ma...

6.9 CVSS, 5.7 AI score, 0.00403 EPSS
Exploits 0, References 5
NVD
added 2026/05/10 1:16 a.m., 54 views

CVE-2026-8216

A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This issue affects the function iasServerRemoteInterface.doAction of the component Java RMI Session Management. Such manipulation leads to improper authentication. The attack can be launched remotely. The vendo...

7.5 CVSS, 0.00391 EPSS
Exploits 0, References 4
NVD
added 2026/05/10 1:16 a.m., 22 views

CVE-2026-8214

A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results in improper authentication. It is possible to launch the attack remotely. The exploit has been ma...

6.9 CVSS, 0.00403 EPSS
Exploits 0, References 5
Vulnrichment
added 2026/05/10 1:0 a.m., 8 views

CVE-2026-8216 Industrial Application Software IAS Canias ERP Java RMI Session Management iasServerRemoteInterface.doAction improper authentication

A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This issue affects the function iasServerRemoteInterface.doAction of the component Java RMI Session Management. Such manipulation leads to improper authentication. The attack can be launched remotely. The vendo...

7.5 CVSS, 6.9 AI score, 0.00391 EPSS
Exploits 0, References 4