Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CNNVD
CNNVDadded 2026/01/12 12:0 a.m.1 views

PILOS 跨站请求伪造漏洞

PILOS is an open source front-end software from THM. A cross-site request forgery vulnerability exists in PILOS versions prior to 4.10.0, which stems from a cross-site request forgery in the management API endpoint that could result in termination of all active video conferences...

4.5CVSS5.7AI score0.00027EPSS
Exploits0References3
NVD
NVDadded 2025/10/27 9:15 p.m.3 views

CVE-2025-62523

PILOS Platform for Interactive Live-Online Seminars is a frontend for BigBlueButton. PILOS before 4.8.0 includes a Cross-Origin Resource Sharing CORS misconfiguration in its middleware: it reflects the Origin request header back in the Access-Control-Allow-Origin response header without proper...

6.3CVSS0.00041EPSS
Exploits0References2
OSV
OSVadded 2025/10/27 8:18 p.m.2 views

CVE-2025-62524 PILOS Exposes PHP version

PILOS Platform for Interactive Live-Online Seminars is a frontend for BigBlueButton. PILOS before 4.8.0 exposes the PHP version via the X-Powered-By header, enabling attackers to fingerprint the server and assess potential exploits. This information disclosure vulnerability originates from PHP’s...

5.3CVSS6.6AI score0.00042EPSS
Exploits0References4
CNNVD
CNNVDadded 2025/10/27 12:0 a.m.2 views

PILOS 代码问题漏洞

PILOS is a THM open source front-end software. A code issue vulnerability exists in PILOS versions prior to 4.8.0 that stems from a password change that does not invalidate the current session token, which could allow an attacker to continue to maintain access using the acquired session token...

5CVSS6.8AI score0.00024EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/10/27 12:0 a.m.4 views

PT-2025-44036

Name of the Vulnerable Software and Affected Versions PILOS versions prior to 4.8.0 Description PILOS, a frontend for BigBlueButton, has a Cross-Origin Resource Sharing CORS misconfiguration in its middleware. The system reflects the Origin request header in the Access-Control-Allow-Origin respon...

6.3CVSS6.8AI score0.00041EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-51259

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.00283EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 1:58 a.m.5 views

CVE-2023-47107

PILOS is an open source front-end for BigBlueButton servers with a built-in load balancer. The password reset component deployed within PILOS uses the hostname supplied within the request host header when building a password reset URL. It may be possible to manipulate the URL sent to PILOS users...

8.8CVSS6.8AI score0.00283EPSS
Exploits0References1
CNNVD
CNNVDadded 2023/11/08 12:0 a.m.1 views

BigBlueButton PILOS Security Vulnerability

BigBlueButton is an open source web conferencing system from the BigBlueButton community. A security vulnerability exists in BigBlueButton PILOS versions 2.0 through 2.3, which stems from the fact that when constructing a password reset URL, the password reset component deployed in PILOS uses the...

8.8CVSS6.8AI score0.00283EPSS
Exploits0References2
Rows per page
Query Builder