Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

11 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 10:5 a.m.11 views

CVE-2019-20060

MFScripts YetiShare v3.5.2 through v4.5.4 places sensitive information in the Referer header. If this leaks, then third parties may discover password-reset hashes, file-delete links, or other sensitive information...

7.5CVSS6.6AI score0.00468EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2019-10616

Malware in sbrugna...

7.5CVSS7.5AI score0.00468EPSS
Exploits0References5
OSV
OSVadded 2025/05/15 8:15 p.m.2 views

CVE-2023-7231

The illi Link Party! WordPress plugin through 1.0 lacks proper access controls, allowing unauthenticated visitors to delete links...

7.3CVSS5.8AI score0.003EPSS
Exploits3References1
NVD
NVDadded 2025/05/15 8:15 p.m.7 views

CVE-2023-7231

The illi Link Party! WordPress plugin through 1.0 lacks proper access controls, allowing unauthenticated visitors to delete links...

7.3CVSS0.003EPSS
Exploits3References1
OSV
OSVadded 2022/02/01 1:15 p.m.1 views

CVE-2021-25093

The Link Library WordPress plugin before 7.2.8 does not have authorisation in place when deleting links, allowing unauthenticated users to delete arbitrary links via a crafted request...

7.5CVSS7.2AI score
Exploits0References1
OSV
OSVadded 2021/11/29 9:15 a.m.1 views

CVE-2021-24749

The URL Shortify WordPress plugin before 1.5.1 does not have CSRF check in place when bulk-deleting links or groups, which could allow attackers to make a logged in admin delete arbitrary link and group via a CSRF attack...

4.3CVSS5.9AI score0.00103EPSS
Exploits2References1
OSV
OSVadded 2020/02/10 1:15 p.m.1 views

CVE-2019-20060

MFScripts YetiShare v3.5.2 through v4.5.4 places sensitive information in the Referer header. If this leaks, then third parties may discover password-reset hashes, file-delete links, or other sensitive information...

7.5CVSS5.8AI score
Exploits0References3
Prion
Prionadded 2020/02/10 1:15 p.m.17 views

Default credentials

MFScripts YetiShare v3.5.2 through v4.5.4 places sensitive information in the Referer header. If this leaks, then third parties may discover password-reset hashes, file-delete links, or other sensitive information...

5CVSS7.4AI score0.00468EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2020/02/10 12:20 p.m.20 views

CVE-2019-20060

MFScripts YetiShare v3.5.2 through v4.5.4 places sensitive information in the Referer header. If this leaks, then third parties may discover password-reset hashes, file-delete links, or other sensitive information...

7.5AI score0.00468EPSS
Exploits0References3
NVD
NVDadded 2017/10/11 1:32 a.m.10 views

CVE-2017-15215

Reflected XSS vulnerability in Shaarli v0.9.1 allows an unauthenticated attacker to inject JavaScript via the searchtags parameter to index.php. If the victim is an administrator, an attacker can for example take over the admin session or change global settings or add/delete links. It is also...

6.1CVSS6.2AI score0.01038EPSS
Exploits0References3
CVE
CVEadded 2017/10/10 5:0 a.m.48 views

CVE-2017-15215

CVE-2017-15215 is a reflected XSS vulnerability in Shaarli v0.9.1. An unauthenticated attacker can inject JavaScript via the searchtags parameter to index.php, potentially compromising admin sessions or altering global settings if the victim is an administrator, or executing JavaScript for unauth...

6.1CVSS6.1AI score0.01038EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder