Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

491 matches found

Nuclei
Nucleiadded yesterday48 views

Business Directory Plugin <= 6.4.2 - SQL Injection

The Business Directory Plugin Easy Listing Directories for WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘listingfields’ parameter in all versions up to, and including, 6.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient...

9.8CVSS5.8AI score0.10272EPSS
Exploits1References4
NVD
NVDadded 2026/06/19 6:16 p.m.5 views

CVE-2019-25752

Joomla! Component J-BusinessDirectory 4.9.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the type parameter. Attackers can send GET requests to index.php with the...

8.8CVSS0.00366EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/06/19 5:15 p.m.5 views

CVE-2019-25752 Joomla! Component J-BusinessDirectory 4.9.7 SQL Injection

Joomla! Component J-BusinessDirectory 4.9.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the type parameter. Attackers can send GET requests to index.php with the...

8.8CVSS6.2AI score0.00366EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/06/19 12:0 a.m.13 views

PT-2026-50988

Name of the Vulnerable Software and Affected Versions Joomla! Component J-BusinessDirectory version 4.9.7 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries. This is achieved by injecting malicious code into the type parameter via GET requests to the...

8.8CVSS6.2AI score0.00366EPSS
Exploits0References8
EUVD
EUVDadded 2026/06/15 9:30 p.m.9 views

EUVD-2026-36969

Subscriber Arbitrary File Upload in WP-BusinessDirectory = 4.0.0 versions...

9.9CVSS5.2AI score0.00465EPSS
Exploits0References2
NVD
NVDadded 2026/06/15 9:16 p.m.6 views

CVE-2026-39591

Subscriber Arbitrary File Upload in WP-BusinessDirectory = 4.0.0 versions...

9.9CVSS0.00465EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/15 8:18 p.m.26 views

CVE-2026-39591 WordPress WP-BusinessDirectory plugin <= 4.0.0 - Arbitrary File Upload vulnerability

Subscriber Arbitrary File Upload in WP-BusinessDirectory = 4.0.0 versions...

9.9CVSS0.00465EPSS
Exploits0References1
CVE
CVEadded 2026/06/15 8:18 p.m.8 views

CVE-2026-39591

The CVE-2026-39591 entry concerns the WordPress WP-BusinessDirectory plugin up to version 4.0.0, where a Subscriber Arbitrary File Upload vulnerability is reported. Connected sources confirm the affected product and vulnerability class but do not provide exploit details or mitigation steps beyond...

9.9CVSS5.2AI score0.00465EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/06/15 12:0 a.m.10 views

PT-2026-49404

Subscriber Arbitrary File Upload in WP-BusinessDirectory = 4.0.0 versions...

9.9CVSS5.2AI score0.00465EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEVadded 2026/04/23 12:0 a.m.6 views

VulnCheck KEV: CVE-2025-31918

Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro simple-business-directory-pro allows Privilege Escalation.This issue affects Simple Business Directory Pro: from n/a through 15.6.9...

9.8CVSS5.2AI score0.00425EPSS
In wildExploits0References3
GithubExploit
GithubExploitadded 2026/04/18 10:7 a.m.106 views

Exploit for CVE-2025-53580

CVE-2025-53580 WordPress Simple Business Directory Pro Plugin...

9.8CVSS5.8AI score0.00345EPSS
Exploits1
EUVD
EUVDadded 2026/03/12 6:30 p.m.6 views

EUVD-2019-19815

Netartmedia PHP Business Directory 4.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to the loginaction.php endpoint with crafted SQL payloads in the...

8.8CVSS5.9AI score0.00304EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/03/12 3:37 p.m.2 views

CVE-2019-25533 Netartmedia PHP Business Directory 4.2 SQL Injection via loginaction.php

Netartmedia PHP Business Directory 4.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to the loginaction.php endpoint with crafted SQL payloads in the...

8.8CVSS5.9AI score0.00304EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/03/12 3:37 p.m.2 views

CVE-2019-25533

Netartmedia PHP Business Directory 4.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to the loginaction.php endpoint with crafted SQL payloads in the...

8.8CVSS5.9AI score0.00304EPSS
Exploits0References2Affected Software1
CNNVD
CNNVDadded 2026/03/12 12:0 a.m.4 views

Netartmedia PHP Business Directory SQL注入漏洞

Netartmedia PHP Business Directory is a commercial directory website system developed by Netartmedia Company in Bulgaria. Version 4.2 of Netartmedia PHP Business Directory has a SQL injection vulnerability. This vulnerability stems from the Email parameters being subject to SQL injections, which...

8.8CVSS5.8AI score0.00304EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/03/12 12:0 a.m.5 views

PT-2026-24993

Netartmedia PHP Business Directory 4.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the Email parameter. Attackers can send POST requests to the loginaction.php endpoint with crafted SQL payloads in the...

8.8CVSS5.9AI score0.00304EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2026/02/20 1:27 p.m.5 views

CVE-2026-25004

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Business Directory cm-business-directory allows Stored XSS.This issue affects CM Business Directory: from n/a through = 1.5.3...

5.9CVSS5.5AI score0.00226EPSS
Exploits0References1
NVD
NVDadded 2026/02/19 9:16 a.m.3 views

CVE-2026-25004

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Business Directory cm-business-directory allows Stored XSS.This issue affects CM Business Directory: from n/a through = 1.5.3...

5.9CVSS0.00226EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/02/19 8:26 a.m.4 views

CVE-2026-25004 WordPress CM Business Directory plugin <= 1.5.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeMindsSolutions CM Business Directory cm-business-directory allows Stored XSS.This issue affects CM Business Directory: from n/a through = 1.5.3...

5.9CVSS5.9AI score0.00226EPSS
Exploits0References1
CVE
CVEadded 2026/02/19 8:26 a.m.9 views

CVE-2026-25004

CVE-2026-25004 concerns the WordPress CM Business Directory plugin (cm-business-directory)

5.9CVSS5.4AI score0.00226EPSS
Exploits0References1
Rows per page
Query Builder