Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

11 matches found

Circl
Circladded 2026/03/20 4:6 p.m.2 views

CVE-2026-33371

creationtimestamp| type| source ---|---|--- 2026-03-20 16:06:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhiviavr7d24...

4.3CVSS5.8AI score0.00062EPSS
Exploits0References1
NVD
NVDadded 2026/03/20 2:16 p.m.2 views

CVE-2026-33371

An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. An XML External Entity XXE vulnerability exists in the Zimbra Exchange Web Services EWS SOAP interface due to improper handling of XML input. An authenticated attacker can submit crafted XML data that is processed by an XML parser...

4.3CVSS0.00062EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/01/09 11:26 a.m.8 views

CVE-2021-33371

A stored cross-site scripting XSS vulnerability in /navbaraction.php of Student Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat box...

5.4CVSS5.6AI score0.00197EPSS
Exploits1References1
NVD
NVDadded 2024/04/30 8:15 p.m.11 views

CVE-2024-33371

Cross Site Scripting vulnerability in DedeCMS v.5.7.113 allows a remote attacker to execute arbitrary code via the typeid parameter in the makehtmllistaction.php component...

6.1CVSS6.5AI score0.00381EPSS
Exploits1References1
CVE
CVEadded 2024/04/30 12:0 a.m.59 views

CVE-2024-33371

CVE-2024-33371 affects DedeCMS v5.7.113. The vulnerability is a Cross Site Scripting flaw in the makehtml_list_action.php component, exploitable via the typeid parameter to trigger arbitrary code execution. Documents consistently identify the affected software/version and the vulnerable parameter...

6.1CVSS7.3AI score0.00381EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessusadded 2023/09/29 12:0 a.m.23 views

Control iD iDSecure Hard-coded JWT Key Authentication Bypass (CVE-2023-33371)

Binary data controlididsecurecve-2023-33371.nbin...

9.8CVSS9.7AI score0.00073EPSS
Exploits0References2
NVD
NVDadded 2023/08/03 1:15 a.m.11 views

CVE-2023-33371

Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication...

9.8CVSS9.6AI score0.00073EPSS
Exploits0References2
OSV
OSVadded 2023/08/03 1:15 a.m.3 views

CVE-2023-33371

Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication...

9.8CVSS5.9AI score0.00073EPSS
Exploits0References2
CVE
CVEadded 2023/08/03 12:0 a.m.2516 views

CVE-2023-33371

CVE-2023-33371 affects Control ID IDSecure 4.7.26.0 and earlier. The vulnerability arises from a hardcoded cryptographic key used to sign and verify JWT session tokens, enabling an attacker to forge tokens and bypass authentication. Exploitation details are not provided in these documents, but th...

9.8CVSS9.3AI score0.00073EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2023/08/03 12:0 a.m.11 views

CVE-2023-33371

Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication...

7AI score0.00073EPSS
Exploits0References2
CVE
CVEadded 2022/07/27 11:15 p.m.50 views

CVE-2021-33371

CVE-2021-33371 is a stored XSS in Student Management System v1.0 caused by unsanitized input in /nav_bar_action.php (Chat box). Multiple connected sources confirm the vulnerable endpoint and payload injection as the attack vector, leading to execution of arbitrary client-side scripts. Affected so...

5.4CVSS5.2AI score0.00197EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder