Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

42 matches found

GithubExploit
GithubExploitadded 2026/05/14 8:47 p.m.47 views

Exploit for Improper Access Control in Joomla Joomla\!

Full-Lifecycle CMS Penetration Testing Joomla 4.2.5 📌 Pr...

5.3CVSS6.6AI score0.9452EPSS
Exploits42
GithubExploit
GithubExploitadded 2025/07/31 7:13 a.m.106 views

Exploit for Improper Access Control in Joomla Joomla\!

PoCs This repo contains proof of concept exploits for vulnera...

9.8CVSS6.5AI score0.9452EPSS
Exploits107
GithubExploit
GithubExploitadded 2025/07/31 7:13 a.m.233 views

Exploit for Improper Access Control in Joomla Joomla\!

PoCs This repo contains proof of concept exploits for vulnera...

9.8CVSS6.5AI score0.9452EPSS
Exploits107
RedhatCVE
RedhatCVEadded 2025/05/23 9:43 a.m.5 views

CVE-2024-23752

GenerateSDFPipeline in syntheticdataframe in PandasAI aka pandas-ai through 1.5.17 allows attackers to trigger the generation of arbitrary Python code that is executed by SDFCodeExecutor. An attacker can create a dataframe that provides an English language specification of this Python code. NOTE:...

9.8CVSS7.3AI score0.00839EPSS
Exploits2References1
Vulnrichment
Vulnrichmentadded 2025/01/27 2:22 p.m.5 views

CVE-2025-23752 WordPress CGD Arrange Terms plugin <= 1.1.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Clifton Griffin CGD Arrange Terms shopp-arrange allows Reflected XSS.This issue affects CGD Arrange Terms: from n/a through = 1.1.3...

7.1CVSS7.2AI score0.00232EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/01/27 2:22 p.m.11 views

CVE-2025-23752 WordPress CGD Arrange Terms plugin <= 1.1.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Clifton Griffin CGD Arrange Terms shopp-arrange allows Reflected XSS.This issue affects CGD Arrange Terms: from n/a through = 1.1.3...

7.1CVSS0.00232EPSS
Exploits0References1
CVE
CVEadded 2025/01/27 2:22 p.m.39 views

CVE-2025-23752

CVE-2025-23752 is a reflected Cross-Site Scripting (XSS) vulnerability in the WordPress plugin CGD Arrange Terms (NotFound CGD Arrange Terms). Affected versions are 1.1.3 and earlier (listed as from n/a through 1.1.3). The root cause is Improper Neutralization of Input During Web Page Generation,...

7.1CVSS7.2AI score0.00232EPSS
Exploits0References1
GithubExploit
GithubExploitadded 2024/07/02 11:50 p.m.388 views

Exploit for Command Injection in Ui Er-X_Firmware

Joomla! CVE-2023-23752 - Unauthenticated Information Disclosur...

8.8CVSS5.6AI score0.9452EPSS
Exploits43
0day.today
0day.todayadded 2024/05/22 12:0 a.m.610 views

Joomla 4.2.8 Information Disclosure Exploit

!/bin/bash Exploit Title: Joomla! \n" exit 1 else echo -e "\n Joomla! out.tmp echo -e "\ni Database info:\n" echo -e "+ DB Type: $sed -E 's/."dbtype":"^"+"./\1/' out.tmp" echo -e "+ DB Host: $sed -E 's/."host":"^"+"./\1/' out.tmp" echo -e "\e92m+ DB User: $sed -E 's/."user":"^"+"./\1/' out.tmp\e0...

5.3CVSS7.2AI score0.9452EPSS
Exploits42
Packet Storm
Packet Stormadded 2024/05/21 12:0 a.m.381 views

Joomla 4.2.8 Information Disclosure

!/bin/bash Exploit Title: Joomla! \n" exit 1 else echo -e "\n Joomla! out.tmp echo -e "\ni Database info:\n" echo -e "+ DB Type: $sed -E 's/."dbtype":"^"+"./\1/' out.tmp" echo -e "+ DB Host: $sed -E 's/."host":"^"+"./\1/' out.tmp" echo -e "\e92m+ DB User: $sed -E 's/."user":"^"+"./\1/' out.tmp\e0...

5CVSS7.4AI score0.9452EPSS
Exploits42
GithubExploit
GithubExploitadded 2024/05/05 4:16 p.m.66 views

Exploit for Improper Access Control in Joomla Joomla\!

CVE-2023-23752 - Joomla-v4.2.8 Unauthenticated information...

5.3CVSS5.9AI score0.9452EPSS
Exploits42
GithubExploit
GithubExploitadded 2024/05/04 6:44 p.m.134 views

Exploit for Improper Access Control in Joomla Joomla\!

CVE-2023-23752 Joomla! v4.2.8 - Unauthenticated informa...

5.3CVSS6AI score0.9452EPSS
Exploits42
GithubExploit
GithubExploitadded 2024/04/28 4:32 p.m.302 views

Exploit for Improper Access Control in Joomla Joomla\!

Installation sh git clone h...

5.3CVSS6AI score0.9452EPSS
Exploits42
GithubExploit
GithubExploitadded 2024/04/11 1:39 p.m.255 views

Exploit for Improper Access Control in Joomla Joomla\!

CVE-2023-23752 About - This exploit is Authentication Byp...

5.3CVSS6.1AI score0.9452EPSS
Exploits42
GithubExploit
GithubExploitadded 2024/02/19 10:27 a.m.333 views

Exploit for Improper Access Control in Joomla Joomla\!

Joomla! options Arguments - url: Root URL base...

5.3CVSS5.9AI score0.9452EPSS
Exploits42
vulnersOsv
vulnersOsvadded 2024/01/22 3:30 a.m.3 views

exposeq (>=4.1.3 <=4.6.1), squadds (>=0.0.0 <=0.0.3) potentially affected by CVE-2024-23752 via pandasai (>=1.3.3 <=1.5.11)

pandasai PYPI version =1.3.3, =4.1.3, =0.0.0, =0.0.3 Source cves: CVE-2024-23752 Source advisory: OSV:GHSA-5G73-69P4-7GVX...

9.8CVSS7.2AI score0.008EPSS
Exploits1
Circl
Circladded 2024/01/22 2:21 a.m.2 views

CVE-2024-23752

creationtimestamp| type| source ---|---|--- 2024-01-22 02:21:35+00:00| seen| https://t.me/ctinow/170954 2024-02-16 08:16:33+00:00| seen| https://t.me/ctinow/186167...

9.8CVSS8.7AI score0.008EPSS
Exploits1References2
NVD
NVDadded 2024/01/22 1:15 a.m.18 views

CVE-2024-23752

GenerateSDFPipeline in syntheticdataframe in PandasAI aka pandas-ai through 1.5.17 allows attackers to trigger the generation of arbitrary Python code that is executed by SDFCodeExecutor. An attacker can create a dataframe that provides an English language specification of this Python code. NOTE:...

9.8CVSS9.6AI score0.008EPSS
Exploits1References1
OSV
OSVadded 2024/01/22 1:15 a.m.5 views

CVE-2024-23752

GenerateSDFPipeline in syntheticdataframe in PandasAI aka pandas-ai through 1.5.17 allows attackers to trigger the generation of arbitrary Python code that is executed by SDFCodeExecutor. An attacker can create a dataframe that provides an English language specification of this Python code. NOTE:...

9.8CVSS9.6AI score
Exploits0References1
CVE
CVEadded 2024/01/22 12:0 a.m.59 views

CVE-2024-23752

Summary: CVE-2024-23752 affects PandasAI (pandas-ai) up to v1.5.17. The vulnerability resides in GenerateSDFPipeline within synthetic_dataframe, where an English-language specification can cause SDFCodeExecutor to run arbitrary Python code. This leads to possible arbitrary code execution with hig...

9.8CVSS9.4AI score0.008EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder