Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

76 matches found

Vulnrichment
Vulnrichmentadded 2026/04/06 11:30 p.m.0 views

CVE-2026-5705 code-projects Online Hotel Booking Booking Endpoint booknow.php cross site scripting

A vulnerability was identified in code-projects Online Hotel Booking 1.0. Affected by this vulnerability is an unknown functionality of the file /booknow.php of the component Booking Endpoint. Such manipulation of the argument roomname leads to cross site scripting. It is possible to launch the...

5.3CVSS4.4AI score0.00013EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2025/06/08 12:8 a.m.9 views

CVE-2025-5705

A vulnerability was found in code-projects Real Estate Property Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Admin/Property.php. The manipulation of the argument cmbCat leads to sql injection. It is possible to launch the attack remotely...

7.5CVSS7.5AI score0.00203EPSS
Exploits1References1
Circl
Circladded 2025/06/06 12:30 a.m.6 views

CVE-2025-5705

creationtimestamp| type| source ---|---|--- 2025-06-06 00:30:46+00:00| published-proof-of-concept| Telegram/Ye5u7iawGclqBMyVLRzmIkNrHeAFyk5kO9UgV2PswPRSwxs 2025-06-06 02:53:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqvteaan4e2j...

7.5CVSS7.3AI score0.00203EPSS
Exploits1References1
NVD
NVDadded 2025/06/06 12:15 a.m.15 views

CVE-2025-5705

A vulnerability was found in code-projects Real Estate Property Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Admin/Property.php. The manipulation of the argument cmbCat leads to sql injection. It is possible to launch the attack remotely...

7.5CVSS0.00203EPSS
Exploits1References5
Cvelist
Cvelistadded 2025/06/05 11:31 p.m.10 views

CVE-2025-5705 code-projects Real Estate Property Management System Property.php sql injection

A vulnerability was found in code-projects Real Estate Property Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Admin/Property.php. The manipulation of the argument cmbCat leads to sql injection. It is possible to launch the attack remotely...

7.5CVSS0.00203EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2025/06/05 11:31 p.m.3 views

CVE-2025-5705 code-projects Real Estate Property Management System Property.php sql injection

A vulnerability was found in code-projects Real Estate Property Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Admin/Property.php. The manipulation of the argument cmbCat leads to sql injection. It is possible to launch the attack remotely...

7.5CVSS7.7AI score0.00203EPSS
Exploits1References5
CVE
CVEadded 2025/06/05 11:31 p.m.52 views

CVE-2025-5705

CVE-2025-5705 affects code-projects Real Estate Property Management System 1.0. The vulnerability is in an unknown function of the file /Admin/Property.php where manipulating the cmbCat parameter leads to SQL injection. It can be exploited remotely, and the exploit has been disclosed publicly. In...

7.5CVSS7.6AI score0.00203EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVEadded 2025/05/22 3:34 a.m.7 views

CVE-2012-5705

Cross-site scripting XSS vulnerability in the settings page admin/settings/hotblocks in the Hotblocks module 6.x-1.x before 6.x-1.8 for Drupal allows remote authenticated users with the "administer hotblocks" permission to inject arbitrary web script or HTML via the "block names."...

2.1CVSS5.5AI score0.00232EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/02/21 11:22 p.m.4 views

CVE-2024-5705

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions. CWE-863 Hitachi Vantara Pentaho Business Analytics Server versions before 10.2.0...

8.8CVSS6.9AI score0.00034EPSS
Exploits0References1
Circl
Circladded 2025/02/20 1:48 a.m.3 views

CVE-2024-5705

creationtimestamp| type| source ---|---|--- 2025-02-20 01:48:26+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114033695504956262 2025-02-20 02:16:51+00:00| seen| https://t.me/cvedetector/18504 2025-02-20 21:17:49+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/4816...

8.8CVSS4.8AI score0.00034EPSS
Exploits0References3
NVD
NVDadded 2025/02/19 11:15 p.m.2 views

CVE-2024-5705

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions. CWE-863 Hitachi Vantara Pentaho Business Analytics Server versions before...

8.8CVSS0.00034EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/02/19 10:55 p.m.7 views

CVE-2024-5705 Hitachi Vantara Pentaho Business Analytics Server - Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions. CWE-863 Hitachi Vantara Pentaho Business Analytics Server versions before...

8.8CVSS0.00034EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/02/19 10:55 p.m.3 views

CVE-2024-5705 Hitachi Vantara Pentaho Business Analytics Server - Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions. CWE-863 Hitachi Vantara Pentaho Business Analytics Server versions before...

8.8CVSS8.7AI score0.00034EPSS
Exploits0References1
CVE
CVEadded 2025/02/19 10:55 p.m.33 views

CVE-2024-5705

Hitachi Vantara Pentaho Business Analytics Server is affected by CVE-2024-5705 due to incorrect authorization checks. Affected versions include Hitachi Vantara Pentaho BA Server prior to 10.2.0.0 and 9.3.0.9, including 8.3.x, where modules are enabled by default that allow execution of system-lev...

8.8CVSS8.7AI score0.00034EPSS
Exploits0References1
Circl
Circladded 2024/08/29 4:29 p.m.2 views

CVE-2017-5705

creationtimestamp| type| source ---|---|--- 2024-08-29 16:29:32+00:00| seen| https://t.me/itsecnews/4642...

7.8CVSS7.7AI score0.00118EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/01/24 8:23 p.m.2 views

Malicious code in wlwz-2312-5705 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b258c6a8a9c5d239967695d5801549f814ef9ce3938858a3c709de22295b4438 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Circl
Circladded 2023/10/27 4:17 p.m.0 views

CVE-2023-5705

creationtimestamp| type| source ---|---|--- 2023-10-27 16:17:02+00:00| seen| https://t.me/cibsecurity/73048...

6.4CVSS6.5AI score0.00118EPSS
Exploits0References1
NVD
NVDadded 2023/10/27 12:15 p.m.9 views

CVE-2023-5705

The VK Filter Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'vkfiltersearch' shortcode in all versions up to, and including, 2.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.7AI score0.00118EPSS
Exploits0References3
CVE
CVEadded 2023/10/27 11:28 a.m.73 views

CVE-2023-5705

CVE-2023-5705 affects VK Filter Search for WordPress. The vulnerability is a Stored Cross-Site Scripting issue in the plugin’s vk_filter_search shortcode across versions up to 2.3.1, caused by insufficient input sanitization and output escaping of user-supplied attributes. Exploitation requires a...

6.4CVSS5.2AI score0.00118EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichmentadded 2023/10/27 11:28 a.m.5 views

CVE-2023-5705 VK Filter Search <= 2.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The VK Filter Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'vkfiltersearch' shortcode in all versions up to, and including, 2.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS6.8AI score0.00118EPSS
Exploits0References3
Rows per page
Query Builder