Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

11 matches found

Positive Technologies
Positive Technologiesadded 2026/05/18 12:0 a.m.10 views

PT-2026-41673

An issue in prestashop upsshipping all versions through at least 2.4.0 allows a remote attacker to obtain sensitive information via the /modules/upsshipping/logs/, and /modules/upsshipping/lib/UPSBaseApi.php components...

5.8AI score0.0031EPSS
Exploits0References2
NVD
NVDadded 2026/04/02 3:16 p.m.3 views

CVE-2026-34795

Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logslog.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open call, which allows command injection due to an incomplete...

8.8CVSS0.01469EPSS
Exploits0References2
CNNVD
CNNVDadded 2024/08/19 12:0 a.m.5 views

WordPress plugin AI Engine 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

7.2CVSS6.6AI score0.00817EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2024/08/18 12:0 a.m.5 views

PT-2024-37638 · WordPress +1 · Ai Engine Wordpress Plugin +1

Name of the Vulnerable Software and Affected Versions: AI Engine versions 2.4.3 AI Engine WordPress plugin versions prior to 2.5.1 Description: The issue is related to remote-code-execution RCE via Log Poisoning. The AI Engine WordPress plugin fails to validate the file extension of logs path,...

7.2CVSS7AI score0.00817EPSS
Exploits1References8
BDU FSTEC
BDU FSTECadded 2024/05/17 12:0 a.m.4 views

The vulnerability of the PHP framework Laravel, related to insufficient protection of operational data, allows attackers to gain unauthorized access to protected information.

The vulnerability of the PHP framework Laravel is related to insufficient protection of sensitive data during the processing of the laravel.log file storage/logs/laravel.log. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

4CVSS5.5AI score0.01341EPSS
Exploits3References4Affected Software1
PyPA
PyPAadded 2024/04/16 12:15 a.m.9 views

PYSEC-2024-247

A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically within the /api/v1/steps endpoint. Attackers can exploit this vulnerability by manipulating the 'logs' URI path in the request to fetch arbitrary file content, bypassing intended access restrictions. The...

9.9CVSS7AI score0.3909EPSS
Exploits2References5Affected Software1
CNNVD
CNNVDadded 2024/01/12 12:0 a.m.2 views

Skoda Security Breach

Skoda is a line of automobiles from Skoda. A security vulnerability exists in the Skoda Superb III 3V3 version 2.0 TDI that stems from the Real-Time Streaming Protocol not properly handling requests for the /logs URI, allowing an attacker to launch a denial-of-service DOS attack on the infotainme...

5.3CVSS6.7AI score0.00231EPSS
Exploits0References2
OSV
OSVadded 2023/01/02 10:15 p.m.5 views

CVE-2022-4057

The Autoptimize WordPress plugin before 3.1.0 uses an easily guessable path to store plugin's exported settings and logs...

5.3CVSS5.8AI score
Exploits0References1
OSV
OSVadded 2021/01/26 6:15 p.m.4 views

CVE-2020-23161

Local file inclusion in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to traverse directories and read sensitive files via the Maintenance Logs menu and manipulating the file-path in the URL...

6.5CVSS5.8AI score0.02385EPSS
Exploits2References3
Packet Storm
Packet Stormadded 2008/07/10 12:0 a.m.25 views

fuzzylime-lfi.txt

!/usr/bin/perl ---------------------------------------------------------- Fuzzylime CMS 3.01 Multiple LFI / RCE author : Cod3rZ website : http://cod3rz.helloweb.eu ---------------------------------------------------------- http://site/blog.php?file=../file\0...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2008/07/07 12:0 a.m.16 views

Fuzzylime CMS 3.01a - file Local File Inclusion

Fuzzylime CMS 3.01a - file Local File Inclusion !/usr/bin/perl ---------------------------------------------------------- Fuzzylime CMS 3.01 Multiple LFI / RCE author : Cod3rZ website : http://cod3rz.helloweb.eu ----------------------------------------------------------...

0.2AI score
Exploits0
Rows per page
Query Builder