Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

123 matches found

OSV
OSVadded 2025/05/01 6:15 p.m.1 views

CVE-2025-44864

Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the module parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

6.3CVSS6.1AI score0.12487EPSS
Exploits1References1
CNNVD
CNNVDadded 2025/04/04 12:0 a.m.1 views

WordPress plugin tagDiv Composer 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...

9.8CVSS8.9AI score0.01499EPSS
Exploits0References2
OSV
OSVadded 2024/10/14 2:15 p.m.0 views

CVE-2024-48119

Vtiger CRM v8.2.0 has a HTML Injection vulnerability in the module parameter. Authenticated users can inject arbitrary HTML...

5.4CVSS5.9AI score
Exploits0References1
NVD
NVDadded 2024/10/14 2:15 p.m.10 views

CVE-2024-48119

Vtiger CRM v8.2.0 has a HTML Injection vulnerability in the module parameter. Authenticated users can inject arbitrary HTML...

5.4CVSS0.00216EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/10/14 12:0 a.m.13 views

CVE-2024-48119

Vtiger CRM v8.2.0 has a HTML Injection vulnerability in the module parameter. Authenticated users can inject arbitrary HTML...

0.00216EPSS
Exploits1References1
CVE
CVEadded 2024/10/14 12:0 a.m.41 views

CVE-2024-48119

Vtiger CRM v8.2.0 is affected by a HTML Injection vulnerability in the module parameter. Authenticated users can inject arbitrary HTML. The CVSSv3.1 base score is 5.4 (MEDIUM), with Low impact on confidentiality and integrity and no impact on availability. Exploitation details beyond the authenti...

5.4CVSS7.4AI score0.00216EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2024/10/14 12:0 a.m.14 views

CVE-2024-48119

Vtiger CRM v8.2.0 has a HTML Injection vulnerability in the module parameter. Authenticated users can inject arbitrary HTML...

7.1AI score0.00216EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2024/10/14 12:0 a.m.2 views

PT-2024-32993 · Vtiger · Vtiger Crm

Name of the Vulnerable Software and Affected Versions: Vtiger CRM version 8.2.0 Description: The issue is related to a HTML Injection vulnerability in the module parameter. This allows authenticated users to inject arbitrary HTML. Recommendations: For Vtiger CRM version 8.2.0, consider restrictin...

5.4CVSS7.4AI score0.00216EPSS
Exploits1References7
Vulnrichment
Vulnrichmentadded 2024/06/21 10:18 a.m.20 views

CVE-2024-37356 tcp: Fix shift-out-of-bounds in dctcp_update_alpha().

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix shift-out-of-bounds in dctcpupdatealpha. In dctcpupdatealpha, we use a module parameter dctcpshiftg as follows: alpha -= minnotzeroalpha, alpha dctcpshiftg; ... deliveredce /sys/module/tcpdctcp/parameters/dctcpshiftg cat...

6.7AI score0.00019EPSS
Exploits0References8
SUSE CVE
SUSE CVEadded 2024/04/11 2:31 a.m.1 views

SUSE CVE-2024-26742

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disablemanagedinterrupts Correct blk-mq registration issue with module parameter disablemanagedinterrupts enabled. When we turn off the default PCIIRQAFFINITY flag, the driver needs to register with blk-mq usi...

5.5CVSS6.5AI score0.00016EPSS
Exploits0References16
RedhatCVE
RedhatCVEadded 2024/04/04 1:52 a.m.22 views

CVE-2024-26742

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disablemanagedinterrupts Correct blk-mq registration issue with module parameter disablemanagedinterrupts enabled. When we turn off the default PCIIRQAFFINITY flag, the driver needs to register with blk-mq usi...

5.5CVSS7AI score0.00016EPSS
Exploits0References4
UbuntuCve
UbuntuCveadded 2024/04/03 5:15 p.m.24 views

CVE-2024-26742

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disablemanagedinterrupts Correct blk-mq registration issue with module parameter disablemanagedinterrupts enabled. When we turn off the default PCIIRQAFFINITY flag, the driver needs to register with blk-mq usi...

7.8CVSS6.4AI score0.00016EPSS
Exploits0References6
OSV
OSVadded 2023/09/30 3:15 a.m.0 views

CVE-2023-43709

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "configurationtitle1" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

5.4CVSS5.9AI score
Exploits0References2
NVD
NVDadded 2023/01/04 7:15 p.m.8 views

CVE-2022-45051

A reflected XSS vulnerability has been found in Axiell Iguana CMS, allowing an attacker to execute code in a victim's browser. The module parameter on the Service.template.cls endpoint does not properly neutralise user input, resulting in the vulnerability...

6.1CVSS6.1AI score0.00363EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2023/01/04 12:0 a.m.1 views

PT-2023-14579 · Axiell · Axiell Iguana Cms

Name of the Vulnerable Software and Affected Versions: Axiell Iguana CMS affected versions not specified Description: A reflected XSS issue has been found, allowing an attacker to execute code in a victim's browser. The module parameter on the "Service.template.cls" endpoint does not properly...

6.1CVSS6.1AI score0.00363EPSS
Exploits0References5
NVD
NVDadded 2022/11/11 8:15 p.m.8 views

CVE-2022-45182

Pi-StarDVDash for Pi-Star DV before 5aa194d mishandles the module parameter...

9.8CVSS0.01077EPSS
Exploits0References5
CVE
CVEadded 2022/11/11 12:0 a.m.40 views

CVE-2022-45182

Pi-Star DV Dash (Pi-Star DV) is affected by CVE-2022-45182 in all versions prior to 5aa194d due to mishandling of the module parameter. The CVE metadata indicates a CRITICAL impact (C/H/I/A) with network attack vector and no user interaction required. Public references in the initial and connecte...

9.8CVSS9.4AI score0.01077EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2022/11/11 12:0 a.m.9 views

CVE-2022-45182

Pi-StarDVDash for Pi-Star DV before 5aa194d mishandles the module parameter...

9.7AI score0.01077EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2022/11/11 12:0 a.m.3 views

CVE-2022-45182

Pi-StarDVDash for Pi-Star DV before 5aa194d mishandles the module parameter...

9.5AI score0.01077EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2022/11/11 12:0 a.m.2 views

PT-2022-27418 · Unknown · Pi-Star Dv Dash

Name of the Vulnerable Software and Affected Versions: Pi-Star DV Dash for Pi-Star DV versions prior to 5aa194d Description: The issue concerns the mishandling of the module parameter. Recommendations: For versions prior to 5aa194d, update to a version that includes the fix for the mishandling of...

9.8CVSS9.4AI score0.01077EPSS
Exploits0References9
Rows per page
Query Builder