Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

NVD
NVDadded 2026/05/27 8:16 a.m.7 views

CVE-2026-40815

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the mb24apigetUserAccount function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

8.7CVSS0.00064EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/04/24 12:0 a.m.1 views

PT-2026-34863

The Taqnix plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.3. This is due to a missing nonce verification in the taqnix delete my account function, where the check ajax referer call is explicitly commented out on line 883. This makes it...

4.3CVSS5.3AI score0.00022EPSS
Exploits0References10
NVD
NVDadded 2025/12/10 11:15 a.m.2 views

CVE-2025-41730

An unauthenticated remote attacker can abuse unsafe sscanf calls within the checkaccount function to write arbitrary data into fixed-size stack buffers which leads to full device compromise...

9.8CVSS0.0012EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/04/18 12:0 a.m.1 views

WordPress plugin User Registration & Membership – Custom Registration Form, Login Form, and User Profile 跨站请求伪造漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists in WordPress plugin User...

4.3CVSS5.9AI score0.00223EPSS
Exploits0References1
OSV
OSVadded 2024/09/18 9:15 p.m.0 views

CVE-2024-46376

Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the updateaccount function of the file rental/adminclass.php...

9.8CVSS5.9AI score0.00983EPSS
Exploits0References1
NVD
NVDadded 2024/09/18 9:15 p.m.14 views

CVE-2024-46376

Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the updateaccount function of the file rental/adminclass.php...

9.8CVSS0.00983EPSS
Exploits0References1
CNNVD
CNNVDadded 2024/09/18 12:0 a.m.2 views

SourceCodester Best House Rental Management System 安全漏洞

SourceCodester Best House Rental Management System is a house rental management system from SourceCodester, Inc. A security vulnerability exists in SourceCodester Best House Rental Management System version 1.0, which is caused by an arbitrary file upload vulnerability in the updateaccount functi...

9.8CVSS7.1AI score0.00983EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2023/09/14 10:15 p.m.0 views

CVE-2023-40868

Cross Site Request Forgery vulnerability in mooSocial MooSocial Software v.Demo allows a remote attacker to execute arbitrary code via the Delete Account and Deactivate functions...

8.8CVSS6.2AI score0.03836EPSS
Exploits1References2
OSV
OSVadded 2018/01/24 10:29 a.m.1 views

CVE-2018-5976

Cross Site Request Forgery CSRF exists in RSVP Invitation Online 1.0 via function/account.php, as demonstrated by modifying the admin password...

8.8CVSS5.8AI score0.00256EPSS
Exploits5References1
Rows per page
Query Builder