Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

RedhatCVE
RedhatCVEadded 2026/03/27 2:23 p.m.8 views

CVE-2021-27931

LumisXP aka Lumis Experience Platform before 10.0.0 allows unauthenticated blind XXE via an API request to PageControllerXml.jsp. One can send a request crafted with an XXE payload and achieve outcomes such as reading local server files or denial of service...

9.1CVSS6.8AI score0.18607EPSS
Exploits1References1
CNNVD
CNNVDadded 2024/06/26 12:0 a.m.4 views

Lumisxp Cross-Site Scripting Vulnerability

LumisXP is a cloud-based digital experience software from Lumis Inc. which helps users gain insight into various website, blog and landing page metrics on a unified platform. A security vulnerability exists in Lumisxp versions 15.0.x through 16.1.x, which stems from susceptibility to a cross-site...

6.1CVSS6.1AI score0.0081EPSS
Exploits1References3
CNVD
CNVDadded 2021/03/05 12:0 a.m.8 views

LumisXP XML External Entity Injection Vulnerability

LumisXP is an application from the Portuguese company LumisXP. It provides a platform for managing customers. A security vulnerability exists in LumisXP versions prior to 10.0.0 that allows unauthenticated blind XXE via an API request to PageControllerXml.jsp. An attack that exploits this...

9.1CVSS7AI score0.18607EPSS
Exploits1References1
Rows per page
Query Builder