348 matches found

Snyk
added 2026/03/31 2:30 a.m. | 1 view

Cross-site Scripting (XSS)

Overview: baserproject/basercms is a content management system based on CakePHP. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the blog post rendering process. An attacker can execute arbitrary scripts in the context of a user's browser by injecting malicious...

CVSS 7.3 | AI score 7.3 | EPSS 0.00233
Exploits 0 | References 2
Snyk
added 2026/03/31 2:30 a.m. | 2 views

SQL Injection

Overview: baserproject/basercms is a content management system based on CakePHP. Affected versions of this package are vulnerable to SQL Injection via the blog post process. An attacker can execute arbitrary SQL commands by supplying crafted input to the affected component. Remediation: Upgrade...

CVSS 9.8 | AI score 7.4 | EPSS 0.00412
Exploits 0 | References 2
Circl
added 2026/03/27 2:00 a.m. | 4 views

CVE-2025-36258

creationtimestamp | type | source
---|---|---
2026-03-27 02:00:15+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mhyzidod3h2f...

CVSS 7.1 | AI score 5.8 | EPSS 0.00155
Exploits 0 | References 1
Circl
added 2026/03/27 1:00 a.m. | 2 views

CVE-2026-33914

creationtimestamp | type | source
---|---|---
2026-03-27 01:00:13+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mhyw4ztj3i2v...

CVSS 7.2 | AI score 5.8 | EPSS 0.00425
Exploits 1 | References 1
Circl
added 2026/03/24 4:00 p.m. | 2 views

CVE-2026-29099

creationtimestamp | type | source
---|---|---
2026-03-24 16:00:15+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mhswzmyxwk2v...

CVSS 8.8 | AI score 5.8 | EPSS 0.00259
Exploits 0 | References 1
Circl
added 2026/03/23 10:00 a.m. | 1 view

CVE-2026-3736

creationtimestamp | type | source
---|---|---
2026-03-23 10:00:14+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mhpsgy2ttp2h...

CVSS 9.8 | AI score 5.8 | EPSS 0.00345
Exploits 1 | References 1
Circl
added 2026/03/22 4:00 a.m. | 3 views

CVE-2026-32627

creationtimestamp | type | source
---|---|---
2026-03-22 04:00:14+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mhmnucgmlh2q...

CVSS 8.7 | AI score 5.7 | EPSS 0.00179
Exploits 1 | References 1
Circl
added 2026/03/20 3:20 a.m. | 1 view

CVE-2026-4180

creationtimestamp | type | source
---|---|---
2026-03-20 03:20:09+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mhhkos5gem2w...

CVSS 9.8 | AI score 7.1 | EPSS 0.01357
Exploits 1 | References 1
Circl
added 2026/03/20 3:00 a.m. | 3 views

CVE-2026-31989

creationtimestamp | type | source
---|---|---
2026-03-20 03:00:13+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mhhjl5xpci23...

CVSS 7.4 | AI score 5.7 | EPSS 0.00184
Exploits 0 | References 1
Circl
added 2026/03/19 5:35 p.m. | 2 views

CVE-2015-20120

creationtimestamp | type | source
---|---|---
2026-03-19 17:35:45+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mhgjzsgoh42e...

CVSS 9.8 | AI score 5.7 | EPSS 0.00417
Exploits 1 | References 1
Circl
added 2026/03/18 5:00 p.m. | 2 views

CVE-2026-31870

creationtimestamp | type | source
---|---|---
2026-03-18 17:00:14+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mhdxlet7hw2x
2026-03-20 11:11:34+00:00 | seen | https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mhieznfew22h...

CVSS 7.5 | AI score 5.3 | EPSS 0.00453
Exploits 1 | References 2
Circl
added 2026/03/18 6:20 a.m. | 4 views

CVE-2026-22182

creationtimestamp | type | source
---|---|---
2026-03-18 06:20:09+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mhctssbx4f2m...

CVSS 8.7 | AI score 5.7 | EPSS 0.00524
Exploits 1 | References 1
Circl
added 2026/03/10 4:57 p.m. | 3 views

CVE-2026-24292

creationtimestamp | type | source
---|---|---
2026-03-10 16:57:37+00:00 | seen | https://www.thezdi.com/blog/2026/3/10/the-march-2026-security-update-review
2026-03-10 19:07:55+00:00 | seen | https://advisories.ncsc.nl/advisory?id=NCSC-2026-0080
2026-03-11 03:00:16+00:00 | seen | ...

CVSS 7.8 | AI score 5.7 | EPSS 0.00338
Exploits 0 | References 4
RedhatCVE
added 2026/03/06 1:34 a.m. | 6 views

CVE-2025-66024

The XWiki blog application allows users of the XWiki platform to create and manage blog posts. Versions prior to 9.15.7 are vulnerable to Stored Cross-Site Scripting (XSS) via the Blog Post Title. The vulnerability arises because the post title is injected directly into the HTML tag without proper...

CVSS 8.6 | AI score 5.8 | EPSS 0.00353
Exploits 3 | References 1
NVD
added 2026/03/04 10:16 p.m. | 9 views

CVE-2025-66024

The XWiki blog application allows users of the XWiki platform to create and manage blog posts. Versions prior to 9.15.7 are vulnerable to Stored Cross-Site Scripting (XSS) via the Blog Post Title. The vulnerability arises because the post title is injected directly into the HTML tag without proper...

CVSS 9 | EPSS 0.00353
Exploits 3 | References 3
Vulnrichment
added 2026/03/04 9:47 p.m. | 3 views

CVE-2025-66024 XWiki Blog Application home page vulnerable to Stored XSS via Post Title

The XWiki blog application allows users of the XWiki platform to create and manage blog posts. Versions prior to 9.15.7 are vulnerable to Stored Cross-Site Scripting (XSS) via the Blog Post Title. The vulnerability arises because the post title is injected directly into the HTML tag without proper...

CVSS 8.6 | AI score 5.8 | EPSS 0.00353
Exploits 3 | References 3
ATTACKERKB
added 2026/03/04 9:47 p.m. | 6 views

CVE-2025-66024

The XWiki blog application allows users of the XWiki platform to create and manage blog posts. Versions prior to 9.15.7 are vulnerable to Stored Cross-Site Scripting (XSS) via the Blog Post Title. The vulnerability arises because the post title is injected directly into the HTML tag without proper...

CVSS 8.6 | AI score 5.8 | EPSS 0.00353
Exploits 3 | References 4 | Affected Software 1
CVE
added 2026/03/04 9:47 p.m. | 13 views

CVE-2025-66024

CVE-2025-66024 affects the XWiki Blog Application UI (org.xwiki.contrib.blog:application-blog-ui) and involves a Stored XSS in the Blog Post Title. The vulnerability arises because the post title is injected directly into the HTML tag without proper escaping in versions prior to 9.15.7. An attac...

CVSS 9 | AI score 5.8 | EPSS 0.00353
Exploits 3 | References 3 | Affected Software 1
OSV
added 2026/03/04 6:16 p.m. | 4 views

GHSA-H2XQ-H7F9-VH6C XWiki Blog Application home page vulnerable to Stored XSS via Post Title

Impact: The Blog Application is vulnerable to Stored Cross-Site Scripting (XSS) via the Blog Post Title. The vulnerability arises because the post title is injected directly into the HTML tag without proper escaping. An attacker with permissions to create or edit blog posts can inject malicious...

CVSS 9 | AI score 5.8 | EPSS 0.00353
Exploits 3 | References 5
Github Security Blog
added 2026/03/04 6:16 p.m. | 8 views

XWiki Blog Application home page vulnerable to Stored XSS via Post Title

Impact: The Blog Application is vulnerable to Stored Cross-Site Scripting (XSS) via the Blog Post Title. The vulnerability arises because the post title is injected directly into the HTML tag without proper escaping. An attacker with permissions to create or edit blog posts can inject malicious...

CVSS 9 | AI score 5.8 | EPSS 0.00353
Exploits 3 | References 5 | Affected Software 1