8 matches found

Prion
added 2022/11/10 9:15 p.m. | 14 views

Path traversal

dotCMS before 22.06 allows remote attackers to bypass intended access control and obtain sensitive information by using a semicolon in a URL to introduce a matrix parameter. This is also fixed in 5.3.8.12, 21.06.9, and 22.03.2 for LTS users. Some Java application frameworks, including those used ...

CVSS 5.8 | AI score 6.2 | EPSS 0.0102
Exploits: 1 | References: 2 | Affected Software: 1

Gitee
added 2022/01/20 9:12 p.m. | 1 views

vulhub

This is an open-source collection of vulnerable web applications and environments, designed for security training and testing. The repository contains a variety of applications, including web servers, databases, and other services, each with its own set of vulnerabilities. The goal is to provide ...

AI score 7.1
Exploits: 0

Kitploit
added 2021/05/08 9:30 p.m. | 404 views

Kiterunner - Contextual Content Discovery Tool

For the longest of times, content discovery has been focused on finding files and folders. While this approach is effective for legacy web servers that host static files or respond with 3xx’s upon a partial path, it is no longer effective for modern web applications, specifically APIs. Over time,...

AI score 6.7
Exploits: 0 | References: 4

Schneier on Security
added 2020/03/18 12:45 p.m. | 24 views

The Insecurity of WordPress and Apache Struts

Interesting data: A study that analyzed all the vulnerability disclosures between 2010 and 2019 found that around 55% of all the security bugs that have been weaponized and exploited in the wild were for two major application frameworks, namely WordPress and Apache Struts. The Drupal content...

AI score 0.6
Exploits: 0

The Hacker News
added 2019/04/02 5:38 p.m. | 228 views

New Apache Web Server Bug Threatens Security of Shared Web Hosts

Mark J Cox, one of the founding members of the Apache Software Foundation and the OpenSSL project, today posted a tweet warning users about a recently discovered important flaw in Apache HTTP Server software. The Apache web server is one of the most popular, widely used open-source web servers in...

CVSS 7.8 | EPSS 0.89568
Exploits: 8

OSV
added 2018/07/18 1:29 p.m. | 1 views

CVE-2018-2916

Vulnerability in the Sun ZFS Storage Appliance Kit AK component of Oracle Sun Systems Products Suite subcomponent: API frameworks. The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols...

CVSS 2.7 | AI score 7.3 | EPSS 0.00426
Exploits: 0 | References: 3

Imperva Blog
added 2017/12/28 5:20 p.m. | 1397 views

The State of Web Application Vulnerabilities in 2017

As a web application firewall provider, part of our job at Imperva is constantly monitoring new security vulnerabilities. To do this, we use internal software that collects information from various data sources such as vulnerability databases, newsletters, forums, social media and more, integrate...

CVSS 10 | AI score 10 | EPSS 0.94322
Exploits: 66

Fedora
added 2014/08/28 3:33 p.m. | 18 views

[SECURITY] Fedora 20 Update: perl-Plack-1.0031-1.fc20

Plack is a set of tools for using the PSGI stack. It contains middleware components, a reference server and utilities for Web application frameworks. Plack is like Ruby's Rack or Python's Paste for WSGI...

CVSS 5 | AI score 2.1 | EPSS 0.00462
Exploits: 0