26 matches found

Nuclei
added 15 hours ago, 64 views

WPS Hide Login <= 1.9.15.2 - Login Page Disclosure

The WPS Hide Login plugin for WordPress is vulnerable to Login Page Disclosure in all versions up to, and including, 1.9.15.2. This is due to a bypass that is created when the 'action=postpass' parameter is supplied. This makes it possible for attackers to easily discover any login page that may...

CVSS 5.3, AI score 5.9, EPSS 0.01235
Exploits: 1, References: 2

Positive Technologies
added 2026/05/29 12:0 a.m., 18 views

PT-2026-44961

Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2026.1 Description: A stored cross-site scripting (XSS) issue exists on the SAML login page. Stored XSS occurs when an application receives data from a user and includes that data within its later HTTP respons...

CVSS 4.8, AI score 5.8, EPSS 0.00205
Exploits: 0, References: 4

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2020-7362

Malware in sbrugna...

CVSS 9.8, AI score 9.4, EPSS 0.01987
Exploits: 1, References: 3

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2019-16933

Malware in sbrugna...

CVSS 8.8, AI score 8.8, EPSS 0.13609
Exploits: 5, References: 6

EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2013-4022

Malware in sbrugna...

CVSS 7.5, AI score 6.4, EPSS 0.05594
Exploits: 0, References: 3

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2017-6340

Malware in sbrugna...

CVSS 9.8, AI score 9.5, EPSS 0.04032
Exploits: 0, References: 4

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2020-4008

Malware in sbrugna...

CVSS 6.1, AI score 6.3, EPSS 0.01569
Exploits: 0, References: 5

EUVD
added 2025/10/07 12:30 a.m., 8 views

EUVD-2006-4844

Malware in sbrugna...

CVSS 7.5, AI score 6.4, EPSS 0.02478
Exploits: 0, References: 7

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2022-48756

Malicious code in bioql PyPI...

CVSS 6.1, AI score 6.3, EPSS 0.0041
Exploits: 0, References: 2

EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2022-37851

Malicious code in bioql PyPI...

CVSS 9.8, AI score 9.4, EPSS 0.00789
Exploits: 1, References: 1

CNNVD
added 2025/08/25 12:0 a.m., 4 views

UTCMS Security Vulnerability

UTCMS is a content management system built on the UT framework by the individual developer of usaltool. A security vulnerability exists in UTCMS version 9, which stems from an improper comparison of the code parameter in the file app/modules/ut-frame/admin/login.php...

CVSS 6.3, AI score 5, EPSS 0.00393
Exploits: 0, References: 5

Vulnrichment
added 2025/08/07 12:0 a.m., 4 views

CVE-2024-52680

EyouCMS 1.6.7 is vulnerable to Cross Site Scripting (XSS) in /login.php?m=admin&c=System&a=web&lang=cn...

AI score 5.6, EPSS 0.00229
Exploits: 1, References: 2

OSV
added 2025/06/21 2:15 a.m., 11 views

CVE-2025-52552 FastGPT LastRoute Parameter on Login Page Vulnerable to Open Redirect and DOM-based XSS

FastGPT is an AI Agent building platform. Prior to version 4.9.12, the LastRoute Parameter on the login page is vulnerable to open redirect and DOM-based XSS. Improper validation and lack of sanitization of this parameter allows attackers to execute malicious JavaScript or redirect them to...

CVSS 5.5, AI score 7, EPSS 0.00234
Exploits: 1, References: 4

Positive Technologies
added 2025/06/21 12:0 a.m., 8 views

PT-2025-26492

Name of the Vulnerable Software and Affected Versions: FastGPT versions prior to 4.9.12 Description: The issue concerns the LastRoute Parameter on the login page, which is vulnerable to open redirect and DOM-based XSS due to improper validation and lack of sanitization. This allows attackers to...

CVSS 6.1, AI score 6.2, EPSS 0.00234
Exploits: 1, References: 7

RedhatCVE
added 2025/05/23 3:56 a.m., 7 views

CVE-2023-34635

Wifi Soft Unibox Administration 3.0 and 3.1 is vulnerable to SQL Injection. The vulnerability occurs because of not validating or sanitizing the user input in the username field of the login page...

CVSS 9.8, AI score 7.3, EPSS 0.02084
Exploits: 4, References: 1

RedhatCVE
added 2025/05/22 11:31 a.m., 9 views

CVE-2013-3589

Cross-site scripting (XSS) vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46.45 allows remote attackers to inject arbitrary web script or HTML via the ErrorMsg parameter...

CVSS 4.3, AI score 6, EPSS 0.01634
Exploits: 0, References: 1

CVE
added 2025/04/14 3:32 p.m., 76 views

CVE-2025-22373

CVE-2025-22373 targets SicommNet BASEC (SaaS) and centers on Improper Neutralization of Input During Web Page Generation, i.e., a Reflected XSS vulnerability that can be triggered via input and HTTP query strings to render arbitrary HTML and alter CSS styles. Affected component is BASEC on SaaS, ...

CVSS 8.7, AI score 5.8, EPSS 0.00392
Exploits: 0, References: 3

RedhatCVE
added 2025/02/26 12:26 a.m., 8 views

CVE-2024-54820

XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login page. This vulnerability allows attackers to extract all usernames and passwords via a crafted input...

CVSS 9.8, AI score 8, EPSS 0.01149
Exploits: 1, References: 1

Positive Technologies
added 2024/05/30 12:0 a.m., 7 views

PT-2024-26519 · Finesoft · Finesoft

Name of the Vulnerable Software and Affected Versions: FineSoft version 8.0 Description: A cross-site scripting (XSS) issue in the login page allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL:errorname parameter after a failed login attempt...

CVSS 5.4, AI score 5.8, EPSS 0.00254
Exploits: 1, References: 3

Positive Technologies
added 2023/07/18 12:0 a.m., 9 views

PT-2023-21486 · Hcl · Hcl Bigfix Webui

Name of the Vulnerable Software and Affected Versions: HCL BigFix WebUI affected versions not specified Description: The issue allows a malicious user to redirect the client browser to an external site via a redirect URL response header in the login page. Recommendations: At the moment, there is ...

CVSS 6.1, AI score 6, EPSS 0.00318
Exploits: 0, References: 3