Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CVE
CVEadded 2023/10/04 10:56 a.m.43 views

CVE-2023-3701

The CVE-2023-3701 entry concerns Aqua Drive version 2.4, which is reported to be vulnerable to a relative path traversal. The vulnerability allows an authenticated non-privileged user to access or modify stored resources belonging to other users and could enable access or modification of source a...

9.9CVSS8.8AI score0.0009EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCveadded 2023/01/17 8:15 p.m.77 views

CVE-2022-36760

Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions...

9CVSS6.8AI score0.0031EPSS
Exploits0References6
OSV
OSVadded 2022/05/13 1:5 a.m.35 views

GHSA-7F84-9CQF-G4J9 Camaleon CMS vulnerable to Stored Cross-site Scripting

In the 2.4 version of Camaleon CMS, Stored XSS has been discovered. The profile image in the User settings section can be run in the update / upload area via /admin/media/upload?actions=false...

6.1CVSS5.9AI score0.00211EPSS
Exploits2References4
CNNVD
CNNVDadded 2021/06/01 12:0 a.m.4 views

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...

5.4CVSS5.4AI score0.00162EPSS
Exploits2References2
CVE
CVEadded 2018/10/15 12:0 a.m.42 views

CVE-2018-18260

Camaleon CMS (Ruby on Rails) vulnerability CVE-2018-18260 affects version 2.4 where a Stored XSS is possible via the User settings profile image upload path. The issue is triggered when a malicious payload is processed in the update/upload area through /admin/media/upload?actions=false, allowing ...

6.1CVSS5.9AI score0.00211EPSS
Exploits2References1Affected Software1
exploitpack
exploitpackadded 2012/08/20 12:0 a.m.16 views

YourArcadeScript 2.4 - index.php?id SQL Injection

YourArcadeScript 2.4 - index.php?id SQL Injection Exploit Title: YourArcadeScript 2.4 SQLi Vulnerability Version: 2.4 Date: 17/08/2012 Author: DaOne LCA Software Link: http://www.yourarcadescript.com Google Dork: intext:"Powered by YourArcadeScript 2.4" Exploit...

0.4AI score
Exploits0
securityvulns
securityvulnsadded 2008/05/08 12:0 a.m.34 views

Vulnerability in pMachinePro

Здравствуйте 3APA3A! Сообщаю вам о найденной мною HTTP Response Splitting уязвимости в pMachinePro. Уязвимость в скрипте sitelaunch.php в параметре go. Которая может быть использована в частности для проведения Cross-Site Scripting атаки. XSS:...

Exploits0
Rows per page
Query Builder