Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/09 9:31 p.m.2 views

EUVD-2025-33574

Newforma Info Exchange NIX accepts requests to '/UserWeb/Common/MarkupServices.ashx' specifying the 'DownloadExportedPDF' command that allow an authenticated user to read and delete arbitrary files with 'NT AUTHORITY\NetworkService' privileges. In Newforma before 2023.1, anonymous access is enabl...

6.9CVSS6.7AI score0.0015EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2025/10/09 12:0 a.m.3 views

PT-2025-41469

Name of the Vulnerable Software and Affected Versions Newforma Info Exchange NIX versions prior to 2023.1 Description Newforma Info Exchange NIX allows authenticated users to read and delete arbitrary files with 'NT AUTHORITYNetworkService' privileges through requests to the...

6.9CVSS6.7AI score0.0015EPSS
Exploits0References6
OSV
OSVadded 2023/12/14 4:15 p.m.1 views

CVE-2023-6368

In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated attacker to enumerate information related to a registered device being monitored by WhatsUp Gold...

5.3CVSS5.7AI score0.00022EPSS
Exploits0References2
OSV
OSVadded 2023/12/14 4:15 p.m.0 views

CVE-2023-6365

In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting XSS vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within a device group. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be...

5.4CVSS5.6AI score
Exploits0References2
OSV
OSVadded 2023/12/14 4:15 p.m.3 views

CVE-2023-6366

In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting XSS vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within Alert Center. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be...

5.4CVSS5.6AI score0.00016EPSS
Exploits0References2
OSV
OSVadded 2023/12/14 4:15 p.m.1 views

CVE-2023-6367

In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting XSS vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within Roles. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to...

5.4CVSS5.7AI score
Exploits0References2
Prion
Prionadded 2023/12/14 4:15 p.m.24 views

Cross site scripting

In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting XSS vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within Alert Center. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be...

4.9CVSS5.1AI score0.00016EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologiesadded 2023/12/14 12:0 a.m.2 views

PT-2023-32627 · Ipswitch · Whatsup Gold

Name of the Vulnerable Software and Affected Versions: WhatsUp Gold versions prior to 2023.1 Description: A stored cross-site scripting XSS issue has been identified, allowing an attacker to craft a XSS payload and store it within a dashboard component. If a user interacts with the crafted payloa...

7.6CVSS5.1AI score0.00014EPSS
Exploits0References6
Rows per page
Query Builder