
7705 matches found

OSV
added 2022/06/13 5:15 a.m. | 3 views

CVE-2022-27174

Cross-site request forgery (CSRF) vulnerability in Easy Blog for EC-CUBE4 Ver.1.0.1 and earlier allows a remote unauthenticated attacker to hijack the authentication of the administrator and delete a blog article or a category via a specially crafted page...

CVSS 4.3 | AI score 5.8 | EPSS 0.00431
Exploits 0 | References 2
NVD
added 2022/06/13 5:15 a.m. | 18 views

CVE-2022-27174

Cross-site request forgery (CSRF) vulnerability in Easy Blog for EC-CUBE4 Ver.1.0.1 and earlier allows a remote unauthenticated attacker to hijack the authentication of the administrator and delete a blog article or a category via a specially crafted page...

CVSS 4.3 | EPSS 0.00431
Exploits 0 | References 2
Prion
added 2022/06/13 5:15 a.m. | 10 views

Cross-site request forgery (CSRF)

Cross-site request forgery (CSRF) vulnerability in Easy Blog for EC-CUBE4 Ver.1.0.1 and earlier allows a remote unauthenticated attacker to hijack the authentication of the administrator and delete a blog article or a category via a specially crafted page...

CVSS 4.3 | AI score 4.9 | EPSS 0.00431
Exploits 0 | References 2 | Affected Software 1
CVE
added 2022/06/13 4:50 a.m. | 65 views

CVE-2022-27174

CVE-2022-27174 affects the EC-CUBE4 ecosystem: the EC-CUBE plugin “Easy Blog for EC-CUBE4” (Ver.1.0.1 and earlier) is vulnerable to CSRF. A remote, unauthenticated attacker can hijack an administrator’s session via a specially crafted page and delete a blog article or a category. The vulnerabilit...

CVSS 4.3 | AI score 4.9 | EPSS 0.00431
Exploits 0 | References 2 | Affected Software 1
Cvelist
added 2022/06/13 4:50 a.m. | 29 views

CVE-2022-27174

Cross-site request forgery (CSRF) vulnerability in Easy Blog for EC-CUBE4 Ver.1.0.1 and earlier allows a remote unauthenticated attacker to hijack the authentication of the administrator and delete a blog article or a category via a specially crafted page...

AI score 5.2 | EPSS 0.00431
Exploits 0 | References 2
CNNVD
added 2022/06/13 12:00 a.m. | 3 views

WordPress plugin Private Files cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forger...

CVSS 4.3 | AI score 5.5 | EPSS 0.00412
Exploits 2 | References 2
Talos Blog
added 2022/06/09 11:06 a.m. | 9 views

Threat Source newsletter (June 9, 2022) — Get ready for Cisco Live

By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. Another week, another conference. We’re heading a few miles southeast from San Francisco to Las Vegas for Cisco Live. I hope everyone had a safe, healthy and enjoyable RSA, but the fun isn’t over just... This is only...

AI score 1.5
Exploits 0
CNVD
added 2022/06/09 12:00 a.m. | 19 views

Responsive Online Blog SQL Injection Vulnerability

Responsive Online Blog is a responsive online blog site. Responsive Online Blog v1.0 is vulnerable to SQL injection, which stems from a lack of validation of external input SQL statements in the id parameter of single.php. An attacker could use this vulnerability to execute illegal SQL commands t...

CVSS 7.5 | AI score 3.2 | EPSS 0.019
Exploits 1 | Affected Software 1
Schneier on Security
added 2022/06/03 9:03 p.m. | 12 views

Friday Squid Blogging: More on the “Mind Boggling” Squid Genome

Octopus and squid genes are weird. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

AI score 1.1
Exploits 0
Akamai Blog
added 2022/06/03 9:00 a.m. | 270 views

Akamai Protects Against the Atlassian Confluence 0-Day (CVE-2022-26134)

Atlassian has released a security advisory to address a remote code execution vulnerability CVE-2022-26134 that’s affecting Confluence Server and Data Center products...

CVSS 9.8 | AI score 9.4 | EPSS 0.99999
Exploits 75
OSV
added 2022/06/02 2:15 p.m. | 3 views

CVE-2022-30818

Wedding Management System v1.0 is vulnerable to SQL injection via /Wedding-Management/admin/blogeventsedit.php?id=31...

CVSS 7.2 | AI score 5.8 | EPSS 0.00958
Exploits 1 | References 1
ATTACKERKB
added 2022/06/02 2:15 p.m. | 2 views

CVE-2022-30818

Wedding Management System v1.0 is vulnerable to SQL injection via /Wedding-Management/admin/blogeventsedit.php?id=31...

CVSS 7.2 | AI score 5.9 | EPSS 0.00958
Exploits 1 | References 2
OSV
added 2022/06/02 2:15 p.m. | 3 views

CVE-2022-30823

Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\blogeventsedit.php...

CVSS 7.2 | AI score 5.8 | EPSS 0.00958
Exploits 1 | References 1
ATTACKERKB
added 2022/06/02 2:15 p.m. | 3 views

CVE-2022-30823

Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\blogeventsedit.php...

CVSS 7.2 | AI score 5.9 | EPSS 0.00958
Exploits 1 | References 2
NVD
added 2022/06/02 2:15 p.m. | 14 views

CVE-2022-30823

Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\blogeventsedit.php...

CVSS 7.2 | EPSS 0.00958
Exploits 1 | References 1
ATTACKERKB
added 2022/06/02 2:15 p.m. | 2 views

CVE-2022-29659

Responsive Online Blog v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at single.php...

CVSS 9.8 | AI score 6 | EPSS 0.019
Exploits 1 | References 4
OSV
added 2022/06/02 2:15 p.m. | 2 views

CVE-2022-29659

Responsive Online Blog v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at single.php...

CVSS 9.8 | AI score 5.8 | EPSS 0.019
Exploits 1 | References 3
NVD
added 2022/06/02 2:15 p.m. | 15 views

CVE-2022-29659

Responsive Online Blog v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at single.php...

CVSS 9.8 | EPSS 0.019
Exploits 1 | References 3
Prion
added 2022/06/02 2:15 p.m. | 12 views

SQL injection

Wedding Management System v1.0 is vulnerable to SQL injection via /Wedding-Management/admin/blogeventsedit.php?id=31...

CVSS 6.5 | AI score 7.3 | EPSS 0.00958
Exploits 1 | References 1 | Affected Software 1
Prion
added 2022/06/02 2:15 p.m. | 10 views

SQL injection

Responsive Online Blog v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at single.php...

CVSS 7.5 | AI score 9.7 | EPSS 0.019
Exploits 1 | References 3 | Affected Software 1