Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

89 matches found

EUVD
EUVDadded 2026/04/07 9:32 p.m.2 views

EUVD-2025-209276

In GenieACS 1.2.13, an unauthenticated access vulnerability exists in the NBI API endpoint...

5.9AI score0.00058EPSS
Exploits2References3
OSV
OSVadded 2026/04/07 9:32 p.m.1 views

GHSA-2H6J-MHCP-9J9H GenieACS has an unauthenticated access vulnerability via the NBI API endpoint

In GenieACS 1.2.13, an unauthenticated access vulnerability exists in the NBI API endpoint...

7.5CVSS5.8AI score0.00058EPSS
Exploits2References3
ATTACKERKB
ATTACKERKBadded 2026/04/07 12:0 a.m.0 views

CVE-2025-56015

In GenieACS 1.2.13, an unauthenticated access vulnerability exists in the NBI API endpoint...

5.9AI score0.00058EPSS
Exploits2References3
CNNVD
CNNVDadded 2026/04/07 12:0 a.m.2 views

GenieACS 安全漏洞

GenieACS is an open-source high-performance automatic configuration server designed for remote management of devices enabled with TR-069. Version 1.2.13 of GenieACS contains a security vulnerability, which stems from unvalidated access to the NBI API endpoint...

7.5CVSS5.8AI score0.00058EPSS
Exploits2References2
Positive Technologies
Positive Technologiesadded 2026/04/07 12:0 a.m.1 views

PT-2026-30981

In GenieACS 1.2.13, an unauthenticated access vulnerability exists in the NBI API endpoint...

5.9AI score0.00058EPSS
Exploits2References3
EUVD
EUVDadded 2026/03/05 6:30 a.m.2 views

EUVD-2026-9737

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Conquerors conquerors allows PHP Local File Inclusion.This issue affects Conquerors: from n/a through = 1.2.13...

8.1CVSS5.9AI score0.00172EPSS
Exploits0References2
NVD
NVDadded 2026/03/05 6:16 a.m.2 views

CVE-2026-28079

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Conquerors conquerors allows PHP Local File Inclusion.This issue affects Conquerors: from n/a through = 1.2.13...

8.1CVSS0.00172EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/03/05 5:54 a.m.26 views

CVE-2026-28098 WordPress Save Life theme <= 1.2.13 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Save Life save-life allows PHP Local File Inclusion.This issue affects Save Life: from n/a through = 1.2.13...

8.1CVSS0.00172EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/03/05 12:0 a.m.2 views

WordPress plugin Save Life 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

8.1CVSS5.8AI score0.00172EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/03/05 12:0 a.m.4 views

PT-2026-23373

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Save Life save-life allows PHP Local File Inclusion.This issue affects Save Life: from n/a through = 1.2.13...

5.9AI score0.00172EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/03/05 12:0 a.m.1 views

PT-2026-23357

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Conquerors conquerors allows PHP Local File Inclusion.This issue affects Conquerors: from n/a through = 1.2.13...

5.9AI score0.00172EPSS
Exploits0References2
Patchstack
Patchstackadded 2026/02/27 7:56 a.m.3 views

WordPress Conquerors theme <= 1.2.13 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Conquerors versions = 1.2.13...

8.1CVSS5.9AI score0.00172EPSS
Exploits0Affected Software1
OSV
OSVadded 2026/02/18 4:16 a.m.0 views

AZL-78203 CVE-2026-27171 affecting package zlib 1.2.13-2

zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition...

5.5CVSS5.7AI score0.00009EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/02/03 3:18 p.m.5 views

CVE-2024-4147

In lunary-ai/lunary version 1.2.13, an insufficient granularity of access control vulnerability allows users to delete prompts created in other organizations through ID manipulation. The vulnerability stems from the application's failure to validate the ownership of the prompt before deletion, on...

7.5CVSS5.5AI score0.00026EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/02/03 9:18 a.m.3 views

CVE-2024-54263

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Talemy Spirit Framework allows PHP Local File Inclusion.This issue affects Spirit Framework: from n/a through 1.2.13...

7.5CVSS5.4AI score0.0017EPSS
Exploits0References1
NVD
NVDadded 2026/02/02 11:16 a.m.2 views

CVE-2024-4147

In lunary-ai/lunary version 1.2.13, an insufficient granularity of access control vulnerability allows users to delete prompts created in other organizations through ID manipulation. The vulnerability stems from the application's failure to validate the ownership of the prompt before deletion, on...

7.5CVSS0.00026EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2026/02/02 10:36 a.m.2 views

CVE-2024-4147 Insufficient Access Control in lunary-ai/lunary

In lunary-ai/lunary version 1.2.13, an insufficient granularity of access control vulnerability allows users to delete prompts created in other organizations through ID manipulation. The vulnerability stems from the application's failure to validate the ownership of the prompt before deletion, on...

7.5CVSS5.5AI score0.00026EPSS
Exploits1References2
CVE
CVEadded 2026/02/02 10:36 a.m.6 views

CVE-2024-4147

CVE-2024-4147 affects lunary-ai/lunary v1.2.13. The flaw is insufficient access-control granularity: deletion checks only resource-permission, not ownership by project/organization, enabling deletion of prompts from other organizations. This can cause legitimate users to lose access and data inco...

7.5CVSS5.5AI score0.00026EPSS
Exploits1References2Affected Software1
NVD
NVDadded 2026/02/02 10:16 a.m.4 views

CVE-2024-54263

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Talemy Spirit Framework allows PHP Local File Inclusion.This issue affects Spirit Framework: from n/a through 1.2.13...

7.5CVSS0.0017EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/02/02 9:11 a.m.19 views

CVE-2024-54263 WordPress Spirit Framework plugin <= 1.2.13 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Talemy Spirit Framework allows PHP Local File Inclusion.This issue affects Spirit Framework: from n/a through 1.2.13...

7.5CVSS0.0017EPSS
Exploits0References1
Rows per page
Query Builder