51 matches found
PT-2025-34654 · D Link · Dsl-7740C
Name of the Vulnerable Software and Affected Versions: D-Link DSL-7740C versions DSL7740C.V6.TR069.20211230 Description: An incorrect access control issue exists in the Maintenance module. Authenticated attackers with low-level privileges can arbitrarily change high-privileged account passwords a...
CVE-2025-29520
Incorrect access control in the Maintenance module of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows authenticated attackers with low-level privileges to arbitrarily change the high-privileged account passwords and escalate privileges...
CVE-2025-29520
CVE-2025-29520 affects D-Link DSL-7740C (firmware DSL7740C.V6.TR069.20211230). The root cause is incorrect access control in the Maintenance module, allowing authenticated attackers with low-level privileges to arbitrarily change high-privileged account passwords, enabling privilege escalation...
CVE-2023-48645
An issue was discovered in the Archibus app 4.0.3 for iOS. It uses a local database that is synchronized with a Web central server instance every time the application is opened, or when the refresh button is used. There is a SQL injection in the search work request feature in the Maintenance modu...
CVE-2025-1465
A vulnerability, which was classified as problematic, was found in lmxcms 1.41. Affected is an unknown function of the file db.inc.php of the component Maintenance. The manipulation leads to code injection. It is possible to launch the attack remotely. The complexity of an attack is rather high...
CVE-2024-21046
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite component: LOV. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2024-21026
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite component: LOV. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2024-3321
A vulnerability classified as problematic has been found in SourceCodester eLearning System 1.0. This affects an unknown part of the component Maintenance Module. The manipulation of the argument Subject Code/Description leads to cross site scripting. It is possible to initiate the attack remotel...
CVE-2024-3321 SourceCodester eLearning System Maintenance Module cross site scripting
A vulnerability classified as problematic has been found in SourceCodester eLearning System 1.0. This affects an unknown part of the component Maintenance Module. The manipulation of the argument Subject Code/Description leads to cross site scripting. It is possible to initiate the attack remotel...
CVE-2024-3321
The CVE-2024-3321 issue affects SourceCodester eLearning System 1.0, specifically the Maintenance Module. The root cause is manipulation of the Subject Code/Description argument, enabling cross-site scripting (XSS). The vulnerability allows remote initiation of an attack and has been publicly ...
PT-2024-25148 · Sourcecodester · Sourcecodester Elearning System
Name of the Vulnerable Software and Affected Versions: SourceCodester eLearning System version 1.0 Description: A vulnerability has been found in the Maintenance Module of the SourceCodester eLearning System. The manipulation of the Subject Code/Description argument leads to cross-site scripting...
CVE-2023-48644
An issue was discovered in the Archibus app 4.0.3 for iOS. There is an XSS vulnerability in the create work request feature of the maintenance module, via the description field. This allows an attacker to perform an action on behalf of the user, exfiltrate data, and so on...
ARCHIBUS Cross-Site Scripting Vulnerability
ARCHIBUS is a software platform from ARCHIBUS focused on helping organizations effectively manage their real estate, facilities and infrastructure to improve efficiency, reduce costs and support strategic planning. A cross-site scripting vulnerability exists in ARCHIBUS version 4.0.3 iOS, which...
CVE-2023-48644
The CVE-2023-48644 entry affects Archibus app version 4.0.3 on iOS, with a cross-site scripting (XSS) vulnerability in the description field of the maintenance module’s Create Work Request feature. The underlying issue allows an attacker to perform actions on behalf of the user and exfiltrate dat...