10 matches found
EFACEC BCU 500
1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: EFACEC Equipment: BCU 500 Vulnerabilities: Uncontrolled Resource Consumption, Cross-site Request Forgery 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...
WordPress CSS Hero plugin <= 4.03 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability
Authenticated Reflected Cross-Site Scripting (XSS) vulnerability found by Cary Hooper in WordPress CSS Hero plugin versions <= 4.03. Solution: Update the WordPress CSS Hero plugin to the latest available version (at least 4.07)...
CVE-2017-1546
IBM DOORS Next Generation (DNG/RRC) versions 4.07, 5.0, and 6.0 are vulnerable to cross-site scripting via the Web UI, allowing arbitrary JavaScript execution and potential credentials disclosure in a trusted session. Affected products/versions include Rational DOORS Next Generation 6.0–6.0.4, Ra...
ZTE WXV10 W300 Disclosure / CSRF / Default
Exploit Title: ZTE WXV10 W300 Multiple Vulnerabilities Date: 17-05-2014 Server Version: RomPager/4.07 UPnP/1.0 Tested Routers: ZTE ZXV10 W300 Firmware: W300V1.0.0aZRDLK ADSL Firmware: FwVer:3.11.2.175TC3086 HwVer:T14.F75.0 Tested on: Kali Linux x86_64 Exploit Author: Osanda Malith Jayathissa...
Trendchip HG520 ADSL2+ Wireless Modem - Cross-Site Request Forgery
Exploit Title: Trendchip HG520 ADSL2+ Wireless Modem CSRF Vulnerability Google Dork: N/A Date: 15/02/2014 Exploit Author: Dhruv Shah Vendor Homepage: N/A Software Link: N/A Version: Firmware Version:2.11.38.0RE0.C2B3.9.9.5 Tested on: Embedded Allegro RomPager webserver 4.07 UPnP/1.0 ZyXEL ZyWALL...
SmodCMS 'config.php' Arbitrary File Upload Vulnerability
SmodCMS is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate...
Huawei MT882 Modem/Router Multiple Vulnerabilities
Exploit for unknown platform in category web applications. Huawei MT882 Modem/Router Multiple Vulnerabilities. Version: V100R002B020 ARG-T Firmware Release: 3.7.9.98 Target device ip 10.0.0.2:80...
ConPresso CMS 4.07 - Multiple Remote Vulnerabilities
source: https://www.securityfocus.com/bid/33436/info ConPresso CMS is prone to multiple remote vulnerabilities: - A cross-site scripting vulnerability - A cross-domain scripting vulnerability - A session-fixation vulnerability An attacker can exploit these issues to execute arbitrary script code...
CVE-2006-6988
CVE-2006-6988 (Slim Browser 4.07 build 100): Cross-domain information disclosure via an object tag with a data parameter referencing an attacker site. The attacker’s link specifies a Location header that references the target site, allowing content to be exposed through the object’s outerHTML at...
CVE-2000-0406
The CVE-2000-0406 entry describes: Netscape Communicator before 4.73 and Navigator 4.07 do not properly validate SSL certificates, enabling remote attackers to redirect traffic to a malicious server (Acros-Suencksen SSL) and potentially steal data. No remediation or exploit details are provided i...