Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CNVD
CNVDadded 2026/04/20 12:0 a.m.1 views

PraisonAI Code Issue Vulnerability

PraisonAI is a low-code multi-intelligent body collaboration framework. PraisonAI suffers from a code issue vulnerability that stems from the FileTools.downloadfile function validating the target path but not validating the url parameter, which can be exploited by an attacker to cause the attacke...

8.6CVSS5.4AI score0.00022EPSS
Exploits1
CNNVD
CNNVDadded 2025/03/26 12:0 a.m.1 views

WordPress plugin Product Import Export for WooCommerce 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A path traversal vulnerability exists in...

4.9CVSS8.6AI score0.00235EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/12/09 12:0 a.m.2 views

PT-2024-10236 · Totolink · Totolink A810R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A810R version 4.1.2cu.5032 B20200407 Description: A command insertion vulnerability was discovered in the downloadFile.cgi main function. This issue allows an attacker to execute arbitrary commands by sending a specially crafted HTTP...

10CVSS8AI score0.00067EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2024/03/24 12:0 a.m.3 views

PT-2024-10836 · Unknown · Cyberaz0R Webrat

Name of the Vulnerable Software and Affected Versions: cyberaz0r WebRAT up to 20191222 Description: A critical issue affects the function download file of the file Server/api.php. The manipulation of the argument name leads to unrestricted upload. The attack can be initiated remotely. The real...

6.5CVSS6.7AI score0.00068EPSS
Exploits0References9
CNNVD
CNNVDadded 2024/03/12 12:0 a.m.2 views

s::can moni::tools path traversal vulnerability

s::can moni::tools is a platform from s::can for managing a virtually unlimited number of sites, online probes, analyzers, and parameters. A path traversal vulnerability exists in s::can moni::tools version 4.6.3, which originates from allowing an authenticated attacker to retrieve any file from ...

6.5CVSS6.7AI score0.00525EPSS
Exploits0References3
CNNVD
CNNVDadded 2021/04/05 12:0 a.m.1 views

WordPress 安全漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A security vulnerability exists in the Theme...

4.9CVSS5.6AI score0.00576EPSS
Exploits1References2
myhack58
myhack58added 2007/11/21 12:0 a.m.18 views

China computer education web site management system 3. 0 vulnerability analysis-vulnerability warning-the black bar safety net

In the/edit/downfile. asp has the following code: Copy code !-- include file="fsoconfig. asp" - !-- include file="checklogin. asp" - % call downloadFileRequest"path" function downloadFilestrFile strFilename = server. MapPathstrFile Response. Buffer = True Response. Clear Set s = Server...

7.5AI score
Exploits0
Rows per page
Query Builder