Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1161 matches found

Cvelist
Cvelistadded 2014/03/14 10:0 a.m.17 views

CVE-2013-6206

Unspecified vulnerability in HP Rapid Deployment Pack RDP and Insight Control Server Deployment allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...

6.8AI score0.01598EPSS
Exploits0References1
NVD
NVDadded 2014/03/11 1:1 p.m.11 views

CVE-2013-6200

Unspecified vulnerability in m4 in HP HP-UX B.11.23 and B.11.31 allows local users to obtain sensitive information or modify data via unknown vectors...

6.2CVSS5.7AI score0.00054EPSS
Exploits0References1
Prion
Prionadded 2014/03/11 1:1 p.m.15 views

Code injection

Unspecified vulnerability in m4 in HP HP-UX B.11.23 and B.11.31 allows local users to obtain sensitive information or modify data via unknown vectors...

6.2CVSS6.2AI score0.00054EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2014/02/22 12:0 a.m.26 views

WordPress AdRotate Plugin 3.9.4 - SQL Injection

This WordPress AdRotate plugin's clicktracker.php "track param" parameter is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Upgrade the plugin to 3.9.5...

7.5CVSS4.2AI score0.0992EPSS
Exploits7References1Affected Software1
Exploit DB
Exploit DBadded 2014/02/21 12:0 a.m.19 views

Jorjweb - 'id' SQL Injection

source: https://www.securityfocus.com/bid/66377/info Jorjweb is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit will allow an attacker to compromise the application, access or modify data, o...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2013/12/15 12:0 a.m.9 views

iScripts AutoHoster - additionalsettings.php SQL Injection

iScripts AutoHoster - additionalsettings.php SQL Injection source: https://www.securityfocus.com/bid/64377/info iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromi...

0.6AI score
Exploits0
exploitpack
exploitpackadded 2013/12/15 12:0 a.m.18 views

iScripts AutoHoster - main_smtp.php Traversal

iScripts AutoHoster - mainsmtp.php Traversal source: https://www.securityfocus.com/bid/64377/info iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise the...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 2013/12/15 12:0 a.m.36 views

iScripts AutoHoster - 'main_smtp.php' Traversal

source: https://www.securityfocus.com/bid/64377/info iScripts AutoHoster is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to compromise the application, access or modify data, or exploit laten...

7.4AI score
Exploits0
NVD
NVDadded 2013/11/13 3:55 p.m.8 views

CVE-2013-5450

IBM Security AppScan Enterprise 8.5 through 8.7.0.1, when Jazz authentication is enabled, allows man-in-the-middle attackers to obtain sensitive information or modify data by leveraging an improperly protected URL to obtain a session token...

4CVSS6AI score0.00198EPSS
Exploits0References2
Prion
Prionadded 2013/11/13 3:55 p.m.11 views

Authentication flaw

IBM Security AppScan Enterprise 8.5 through 8.7.0.1, when Jazz authentication is enabled, allows man-in-the-middle attackers to obtain sensitive information or modify data by leveraging an improperly protected URL to obtain a session token...

4CVSS6.4AI score0.00198EPSS
Exploits0References2Affected Software1
Prion
Prionadded 2013/11/05 8:55 p.m.17 views

Code injection

The WP Ultimate Email Marketer plugin 1.1.0 and possibly earlier for Wordpress does not properly restrict access to 1 list/edit.php and 2 campaign/editCampaign.php, which allows remote attackers to modify list or campaign data...

6.4CVSS7.4AI score0.00674EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2013/11/04 4:55 p.m.15 views

CVE-2013-4839

Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1851...

7.5CVSS6.7AI score0.01115EPSS
Exploits0References1
Prion
Prionadded 2013/11/04 4:55 p.m.24 views

Security feature bypass

Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1851...

7.5CVSS7.3AI score0.01115EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2013/11/04 3:0 p.m.17 views

CVE-2013-4839

Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1851...

6.7AI score0.01115EPSS
Exploits0References1
NVD
NVDadded 2013/10/24 10:53 a.m.18 views

CVE-2013-4299

Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device...

6CVSS6.9AI score0.00804EPSS
Exploits1References27
Cvelist
Cvelistadded 2013/10/24 10:0 a.m.22 views

CVE-2013-4299

Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device...

6.2AI score0.00804EPSS
Exploits1References27
Debian CVE
Debian CVEadded 2013/10/24 10:0 a.m.51 views

CVE-2013-4299

Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device...

6CVSS6.4AI score0.00804EPSS
Exploits1
NVD
NVDadded 2013/10/19 10:36 a.m.10 views

CVE-2013-4712

I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors...

6.8CVSS6.5AI score0.00666EPSS
Exploits0References4
Prion
Prionadded 2013/09/25 10:31 a.m.16 views

Authentication flaw

The 1 REST and 2 memcache interfaces in the Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 do not require authentication, which allows remote attackers to obtain sensitive information or modify data via an API call...

7.5CVSS6.3AI score0.00514EPSS
Exploits2References1Affected Software1
Cvelist
Cvelistadded 2013/07/13 10:0 a.m.23 views

CVE-2013-2351

Unspecified vulnerability in HP Network Node Manager i NNMi 9.00, 9.1x, and 9.2x allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...

6.7AI score0.01115EPSS
Exploits0References1
Rows per page
Query Builder