Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

86 matches found

OSV
OSVadded 2026/06/06 4:6 a.m.3 views

MINI-7HWH-G3MW-3754

Bulletin has no description...

9.6CVSS5.2AI score0.00344EPSS
Exploits0
CVE
CVEadded 2026/03/08 5:32 p.m.10 views

CVE-2026-3754

CVE-2026-3754 affects SourceCodester Sales and Inventory System 1.0. The vulnerability is an SQL injection in the /add_stock.php module, triggered by manipulating the cost argument, with remote exploitation and a publicly available exploit. Multiple feeds consistently describe an unknown function...

8.8CVSS6.5AI score0.00301EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/03/08 5:32 p.m.1 views

CVE-2026-3754

A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown function of the file /addstock.php. Performing a manipulation of the argument cost results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used...

6.5CVSS5.7AI score0.00301EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichmentadded 2026/03/08 5:32 p.m.4 views

CVE-2026-3754 SourceCodester Sales and Inventory System add_stock.php sql injection

A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown function of the file /addstock.php. Performing a manipulation of the argument cost results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used...

6.5CVSS5.7AI score0.00301EPSS
Exploits1References5
Circl
Circladded 2025/07/05 3:15 a.m.4 views

RHSA-2024:3754

creationtimestamp| type| source ---|---|--- 2025-07-05 03:15:12+00:00| seen| Telegram/s-MyXHxfQRDkFCdBpAqom8tzuSuq39rL64NDbcTutOGe0 2025-10-09 12:11:07+00:00| seen| Telegram/FvcNQD67cBNjJyyjUe673NMSVZJDnPS-bQ-6HhEm-Z87R1U...

4.8AI score
Exploits0
RedhatCVE
RedhatCVEadded 2025/05/22 10:0 a.m.6 views

CVE-2011-3754

Mambo 4.6.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/sef.php and certain other files...

5CVSS6.5AI score0.01335EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/02/06 12:50 a.m.7 views

CVE-2022-3754

Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.8...

9.8CVSS6.7AI score0.01139EPSS
Exploits1References4
NVD
NVDadded 2024/06/14 6:15 a.m.34 views

CVE-2024-3754

The Alemha watermarker WordPress plugin through 1.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.7CVSS0.00359EPSS
Exploits2References1
Vulnrichment
Vulnrichmentadded 2024/06/14 6:0 a.m.23 views

CVE-2024-3754 Alemha Watermarker <= 1.3.1 - Author+ Stored XSS

The Alemha watermarker WordPress plugin through 1.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.7AI score0.00359EPSS
Exploits2References1
Cvelist
Cvelistadded 2024/06/14 6:0 a.m.29 views

CVE-2024-3754 Alemha Watermarker <= 1.3.1 - Author+ Stored XSS

The Alemha watermarker WordPress plugin through 1.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

0.00359EPSS
Exploits2References1
Tenable Nessus
Tenable Nessusadded 2024/06/11 12:0 a.m.20 views

Oracle Linux 9 : ipa (ELSA-2024-3754)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3754 advisory. - Resolves: RHEL-32231 CVE-2024-3183 ipa: freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force Tenable...

8.8CVSS7.9AI score0.02036EPSS
Exploits1References3
Tenable Nessus
Tenable Nessusadded 2024/06/10 12:0 a.m.17 views

RHEL 9 : ipa (RHSA-2024:3754)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3754 advisory. Red Hat Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and...

8.8CVSS7.9AI score0.02036EPSS
Exploits1References6
Patchstack
Patchstackadded 2024/05/24 12:0 a.m.11 views

WordPress Alemha watermarker Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Alemha watermarker Type Plugin Vulnerable versions = 1.3.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3754 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID fe01f090b53e Credits Erdemstar Required...

4.7CVSS5.7AI score0.00359EPSS
Exploits2References3Affected Software1
GithubExploit
GithubExploitadded 2023/09/07 7:49 a.m.7 views

Exploit for Improper Input Validation in Redhat Keycloak

CVE-2021-3754 This repository documents Vulnerability details...

5.3CVSS7.6AI score0.01773EPSS
Exploits1
SUSE CVE
SUSE CVEadded 2023/09/07 2:36 a.m.4 views

SUSE CVE-2023-3754

A vulnerability, which was classified as problematic, was found in Creativeitem Ekushey Project Manager CRM 5.0. Affected is an unknown function of the file /index.php/client/message/messageread/xxxxxxxxrandom-msg-hash. The manipulation of the argument message leads to cross site scripting. It is...

6.1CVSS4.4AI score0.00317EPSS
Exploits0References3
Circl
Circladded 2023/07/19 7:25 a.m.2 views

CVE-2023-3754

creationtimestamp| type| source ---|---|--- 2023-07-19 07:25:06+00:00| seen| https://t.me/cibsecurity/66992...

6.1CVSS4.7AI score0.00317EPSS
Exploits0References1
OSV
OSVadded 2023/07/19 3:15 a.m.2 views

CVE-2023-3754

A vulnerability, which was classified as problematic, was found in Creativeitem Ekushey Project Manager CRM 5.0. Affected is an unknown function of the file /index.php/client/message/messageread/xxxxxxxxrandom-msg-hash. The manipulation of the argument message leads to cross site scripting. It is...

6.1CVSS4.1AI score
Exploits0References2
CVE
CVEadded 2023/07/19 3:0 a.m.54 views

CVE-2023-3754

CVE-2023-3754 affects Creativeitem Ekushey Project Manager CRM 5.0. A cross-site scripting vulnerability exists in an unknown function of the file /index.php/client/message/message_read/xxxxxxxx[random-msg-hash], where manipulating the message parameter enables remote XSS. The primary documents d...

6.1CVSS4.8AI score0.00317EPSS
Exploits0References2Affected Software1
Circl
Circladded 2022/10/29 4:30 p.m.1 views

CVE-2022-3754

creationtimestamp| type| source ---|---|--- 2022-10-29 16:30:08+00:00| seen| https://t.me/cibsecurity/52263...

9.8CVSS7.7AI score0.01139EPSS
Exploits1References1
NVD
NVDadded 2022/10/29 1:15 p.m.37 views

CVE-2022-3754

Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.8...

9.8CVSS0.01139EPSS
Exploits1References2
Rows per page
Query Builder