
7 matches found

RedhatCVE
added 2025/05/23 11:35 a.m. · 3 views

CVE-2025-22619

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the editarpermissoes.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts...

CVSS 6.4 · AI score 6 · EPSS 0.00496
Exploits: 1 · References: 1
NVD
added 2025/01/14 1:15 a.m. · 8 views

CVE-2025-23037

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the control.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the...

CVSS 6.4 · EPSS 0.009
Exploits: 1 · References: 2
Positive Technologies
added 2025/01/13 12:0 a.m. · 2 views

PT-2025-4600 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.2.6

Description: A Stored Cross-Site Scripting (XSS) vulnerability was identified in the dependente editarInfoPessoal.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scrip...

CVSS 6.4 · AI score 5.7 · EPSS 0.00689
Exploits: 1 · References: 9
Positive Technologies
added 2024/03/25 12:0 a.m. · 3 views

PT-2024-2396 · Phpmyfaq · Phpmyfaq

Name of the Vulnerable Software and Affected Versions: phpMyFAQ version 3.2.5

Description: A SQL injection vulnerability has been discovered in the "Add News" functionality due to improper escaping of the email address. This allows any authenticated user with the rights to add/edit FAQ news to...

CVSS 9 · AI score 8.2 · EPSS 0.02881
Exploits: 1 · References: 15
Positive Technologies
added 2024/03/25 12:0 a.m. · 3 views

PT-2024-22799 · Phpmyfaq · Phpmyfaq

Name of the Vulnerable Software and Affected Versions: phpMyFAQ versions prior to 3.2.6

Description: There is a Path Traversal vulnerability in Attachments that allows attackers with admin rights to upload malicious files to other locations of the web root. This issue can be exploited by remote...

CVSS 3.8 · AI score 7.2 · EPSS 0.0063
Exploits: 1 · References: 11
PyPA
added 2023/07/21 7:15 p.m. · 4 views

PYSEC-2023-129

Indico is an open source, general-purpose, web-based event management tool. There is a Cross-Site-Scripting vulnerability in confirmation prompts commonly used when deleting content from Indico. Exploitation requires someone with at least submission privileges such as a speaker and then someone...

CVSS 5.4 · AI score 6.8 · EPSS 0.00532
Exploits: 0 · References: 4 · Affected Software: 1
Positive Technologies
added 2023/07/21 12:0 a.m. · 3 views

PT-2023-26171 · Indico · Indico

Name of the Vulnerable Software and Affected Versions: Indico versions prior to 3.2.6

Description: There is a Cross-Site-Scripting issue in confirmation prompts used when deleting content from Indico. Exploitation requires someone with at least submission privileges and then someone else to attem...

CVSS 5.4 · AI score 5.2 · EPSS 0.00532
Exploits: 0 · References: 11