
8 matches found

CVE
added 2026/04/22 7:45 a.m., 5 views

CVE-2026-4132

CVE-2026-4132 affects the WordPress HTTP Headers plugin up to version 1.19.2. The vulnerability arises from insufficient validation of the htpasswd path (hh_htpasswd_path) and lack of sanitization of the hh_www_authenticate_user value, allowing an authenticated Administrator+ to cause Remote Code...

CVSS 7.2 | AI score 5.9 | EPSS 0.00552
Exploits: 0 | References: 13
ATTACKERKB
added 2026/03/16 10:11 a.m., 3 views

CVE-2026-3022

Non-relational SQL injection (NoSQLi) vulnerability in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/hospitalization/generate-hospitalization-summary'. This vulnerability could allow an authenticated user to alter a POST request to the affected endpoint for the purpose o...

CVSS 7.1 | AI score 5.9 | EPSS 0.00039
Exploits: 0 | References: 2
OSSF Malicious Packages
added 2025/11/13 3:23 a.m., 4 views

Malicious code in minify-mu-catch-authenticate-user (npm)

Source: amazon-inspector (ac3b2212cf649bbcec1267832b53976a224b9a0387e17e082b8641dda41bc920). This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

AI score 6.9
Exploits: 0
EUVD
added 2025/11/13 3:23 a.m., 1 view

EUVD-2025-177829

Malicious code in minify-mu-catch-authenticate-user npm...

AI score 6.6
Exploits: 0
Cvelist
added 2025/09/17 4:2 p.m., 6 views

CVE-2025-10599 itsourcecode Web-Based Internet Laboratory Management System login.php AuthenticateUser sql injection

A security flaw has been discovered in itsourcecode Web-Based Internet Laboratory Management System 1.0. Impacted is the function User::AuthenticateUser of the file login.php. Performing manipulation of the argument useremail results in sql injection. Remote exploitation of the attack is possible...

CVSS 7.5 | EPSS 0.00064
Exploits: 1 | References: 5
Patchstack
added 2024/12/12 12:25 a.m., 3 views

WordPress Sign In With Google plugin <= 1.8.0 - Authentication Bypass in authenticate_user vulnerability

Authentication Bypass in authenticate_user vulnerability discovered by shaman0x01 in WordPress Plugin Sign In With Google versions <= 1.8.0...

CVSS 9.8 | AI score 7 | EPSS 0.00195
Exploits: 0 | References: 1 | Affected Software: 1
CNNVD
added 2022/03/11 12:0 a.m., 1 view

FreeTAKServer-UI SQL injection vulnerability

FreeTAKServer-UI is an open source FTS web interface from the FreeTAKTeam team. FreeTAKServer-UI is vulnerable to SQL injection, which stems from the API endpoint /AuthenticateUser containing SQL injection into the SQLite3 database, which can be exploited by an attacker to obtain the database All...

CVSS 6.5 | AI score 5.9 | EPSS 0.00238
Exploits: 1 | References: 2
CNVD
added 2015/01/06 12:0 a.m., 1 view

Multiple Buffer Overflow Vulnerabilities in VDG Security SENSE

VDG Security SENSE is a video management system. Multiple buffer overflow vulnerabilities in the VDG Security SENSE DIVA web service API allow remote attackers to submit a special AuthenticateUser request to execute arbitrary code via the user or password parameters...

CVSS 7.5 | AI score 8.5 | EPSS 0.07647
Exploits: 1 | References: 1