Lucene search

67 matches found

Prion
added 2019/12/30 8:15 p.m., 10 views

Xxe

XMLBlueprint through 16.191112 is affected by XML External Entity Injection. The impact is: Arbitrary File Read when an XML File is validated. The component is: XML Validate function. The attack vector is: Specially crafted XML payload...

5.5 CVSS, 8.1 AI score, 0.04512 EPSS
Exploits 5, References 2, Affected Software 1
CVE
added 2019/12/30 7:15 p.m., 109 views

CVE-2019-19032

XMLBlueprint XML Editor version 16.191112 and earlier is affected by XML External Entity (XXE) Injection (CVE-2019-19032). A crafted XML payload can trigger the XML Validate function to read arbitrary files, enabling Arbitrary File Read during validation. The vulnerability is linked to the XML Ex...

8.1 CVSS, 8 AI score, 0.04512 EPSS
Exploits 5, References 2, Affected Software 1
Snyk
added 2019/11/27 3:24 p.m., 1 views

Internal Property Tampering

Overview schema-inspector is a JSON API sanitisation and validation module. Affected versions of this package are vulnerable to Internal Property Tampering. A maliciously crafted JavaScript object can bypass the sanitize and the validate function used within schema-inspector. Remediation Upgrade...

9.8 CVSS, 6.8 AI score, 0.01392 EPSS
Exploits 0, References 2
ATTACKERKB
added 2019/06/20 3:15 a.m., 1 views

CVE-2019-19032

XMLBlueprint through 16.191112 is affected by XML External Entity Injection. The impact is: Arbitrary File Read when an XML File is validated. The component is: XML Validate function. The attack vector is: Specially crafted XML payload...

8.1 CVSS, 5.4 AI score, 0.04512 EPSS
Exploits 5, References 4
Exploit DB
added 2013/01/09 12:0 a.m., 423 views

WeBid 1.0.6 - SQL Injection

Exploit Title: WeBid 1.0.6 SQL Injection Vulnerability Google Dork: "Powered by WeBid" Date: 1/9/13 Exploit Author: Life Wasted Vendor Homepage: http://www.webidsupport.com/ Version: Tested on 1.0.6, but could affect other version Tested On: Linux, Windows Vulnerable Code: Line 53 of the...

7.4 AI score
Exploits 0
securityvulns
added 2006/04/11 12:0 a.m., 29 views

Vegadns blind sql injection and cross site scripting

Author : Ph03n1X email : [email protected] site : http://kandangjamur.net/ vendor : www.vegadns.org version: 0.99 XSS ---- PoC : http://exam.com/vegadns/index.php?VDNSSessid=m42644r75o1eg4f7mb7e4rnpg7&message=3Ch13E3Cmarquee3Ealoo3C/marquee3E3C/h13E Vulnerable script is located in index.php...

0.9 AI score
Exploits 0
securityvulns
added 2006/04/10 12:0 a.m., 30 views

MAXDEV CMS Multiple vulnerabilities

Full Path disclosure --------------------- This hole is caused by direct access to file includes/legacy.php not protected PoC : http://site.co.id/maxdev/includes/legacy.php Fix : Turn off display error in php.ini can fix this security issue Blind sql inject ----------------- This hole is caused b...

7.2 AI score
Exploits 0