CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

36 matches found

Positive Technologies•added 2025/04/17 12:0 a.m.•3 views

PT-2025-17232 · Twonav · Twonav

Name of the Vulnerable Software and Affected Versions: twonav version 2.1.18-20241105 Description: The issue allows a remote attacker to obtain sensitive information via the site settings component. Recommendations: For twonav version 2.1.18-20241105, consider restricting access to the site...

6.5CVSS6AI score0.00491EPSS

Exploits1References5

OSV•added 2024/05/03 6:15 p.m.•2 views

CVE-2024-34453

TwoNav 2.1.13 contains an SSRF vulnerability via the url paramater to index.php?c=api&method=readdata&type=connectivitytest which reaches /system/api.php...

4.3CVSS5.8AI score0.00184EPSS

Exploits0References2

NVD•added 2024/05/03 6:15 p.m.•11 views

CVE-2024-34453

TwoNav 2.1.13 contains an SSRF vulnerability via the url paramater to index.php?c=api&method=readdata&type=connectivitytest which reaches /system/api.php...

4.3CVSS6.6AI score0.00184EPSS

Exploits0References2

CNNVD•added 2024/05/03 12:0 a.m.•2 views

TwoNav 安全漏洞

TwoNav is an open source and free bookmark navigation management program from tznb1 open source. A security vulnerability exists in TwoNav version 2.1.13, which stems from a server-side request forgery vulnerability in the url parameter...

4.3CVSS6.8AI score0.00184EPSS

Exploits0References3

Vulnrichment•added 2024/05/03 12:0 a.m.•10 views

CVE-2024-34453

TwoNav 2.1.13 contains an SSRF vulnerability via the url paramater to index.php?c=api&method=readdata&type=connectivitytest which reaches /system/api.php...

6.9AI score0.00184EPSS

Exploits0References2

CVE•added 2024/05/03 12:0 a.m.•89 views

CVE-2024-34453

TwoNav version 2.1.13 is affected by an SSRF vulnerability that can be exploited via the url parameter in index.php?c=api&method=read_data&type=connectivity_test, which reaches /system/api.php. Root cause is an SSRF in the API endpoint, with CVSSv3.1 base score 4.3 (Medium) and network attack vec...

4.3CVSS6.8AI score0.00184EPSS

Exploits0References2

Cvelist•added 2024/05/03 12:0 a.m.•15 views

CVE-2024-34453

TwoNav 2.1.13 contains an SSRF vulnerability via the url paramater to index.php?c=api&method=readdata&type=connectivitytest which reaches /system/api.php...

6.8AI score0.00184EPSS

Exploits0References2

NVD•added 2023/07/11 3:15 p.m.•11 views

CVE-2023-37657

TwoNav v2.0.28-20230624 is vulnerable to Cross Site Scripting XSS...

5.4CVSS5.4AI score0.00099EPSS

Exploits1References1

ATTACKERKB•added 2023/07/11 3:15 p.m.•0 views

CVE-2023-37657

TwoNav v2.0.28-20230624 is vulnerable to Cross Site Scripting XSS...

5.4CVSS6AI score0.00099EPSS

Exploits1References2

OSV•added 2023/07/11 3:15 p.m.•14 views

CVE-2023-37657

TwoNav v2.0.28-20230624 is vulnerable to Cross Site Scripting XSS...

5.4CVSS6.6AI score

Exploits0References1

Prion•added 2023/07/11 3:15 p.m.•15 views

Cross site scripting

TwoNav v2.0.28-20230624 is vulnerable to Cross Site Scripting XSS...

4.9CVSS5.3AI score0.00099EPSS

Exploits1References1Affected Software1

Positive Technologies•added 2023/07/11 12:0 a.m.•4 views

PT-2023-26062 · Twonav · Twonav

Name of the Vulnerable Software and Affected Versions: TwoNav version 2.0.28-20230624 Description: The issue is related to Cross Site Scripting XSS. Recommendations: For version 2.0.28-20230624, consider disabling any features that may facilitate XSS attacks until a patch is available. Restrict...

5.4CVSS5.1AI score0.00099EPSS

Exploits1References4

CNNVD•added 2023/07/11 12:0 a.m.•2 views

TwoNav 跨站脚本漏洞

TwoNav is an open source and free bookmark navigation management program by tznb1 open source. A cross-site scripting vulnerability exists in TwoNav version v2.0.28-20230624, which stems from a default setting that allows free registration, resulting in stored XSS...

5.4CVSS5.3AI score0.00099EPSS

Exploits1References2

Vulnrichment•added 2023/07/11 12:0 a.m.•10 views

CVE-2023-37657

TwoNav v2.0.28-20230624 is vulnerable to Cross Site Scripting XSS...

6.5AI score0.00099EPSS

Exploits1References1

Cvelist•added 2023/07/11 12:0 a.m.•14 views

CVE-2023-37657

TwoNav v2.0.28-20230624 is vulnerable to Cross Site Scripting XSS...

5.6AI score0.00099EPSS

Exploits1References1

CVE•added 2023/07/11 12:0 a.m.•38 views

CVE-2023-37657

TwoNav v2.0.28-20230624 is vulnerable to Cross Site Scripting (XSS) as CVE-2023-37657. The connected sources confirm the product/version affected and the XSS class, but do not provide a technical root cause or specific vulnerable component. No patch/version with fix is disclosed in the supplied d...

5.4CVSS5.3AI score0.00099EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by