9 matches found

VulnCheck KEV
added 2026/04/20 12:0 a.m., 5 views

VulnCheck KEV: CVE-2025-2749

An authenticated remote code execution vulnerability in Kentico Xperience allows authenticated Staging Sync Server users to upload arbitrary data to path-relative locations. This results in path traversal and arbitrary file upload, including content that can be executed server side leading to remote code...

CVSS 7.2, AI score 6.5, EPSS 0.04892
In wild, Exploits 1, References 2
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2025-8011

Malicious code in bioql PyPI...

CVSS 6.5, AI score 8.7, EPSS 0.00544
Exploits 2, References 2
Exploit DB
added 2025/05/13 12:0 a.m., 412 views

Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)

Exploit Title: Kentico Xperience 13.0.178 - Cross Site Scripting (XSS); Date: 2025-05-09; Version: Kentico Xperience before 13.0.178; Exploit Author: Alex Messham; Contact: [email protected]; Source: https://github.com/xirtam2669/Kentico-Xperience-before-13.0.178---XSS-POC/; CVE: CVE-2025-32370; import...

CVSS 9.8, AI score 9.6, EPSS 0.00544
Exploits 3
CNNVD
added 2025/03/27 12:0 a.m., 2 views

Kentico Code Injection Vulnerability

Kentico is an ASP.NET-based content management system (CMS) from Kentico, Inc. A code injection vulnerability exists in Kentico version 13.0.178 and earlier, which stems from an incorrect operation of the parameter new database that can lead to a cross-site scripting attack...

CVSS 4.8, AI score 4.3, EPSS 0.00387
Exploits 0, References 5
OSV
added 2025/03/24 7:15 p.m., 0 views

CVE-2025-2748

The Kentico Xperience application does not fully validate or filter files uploaded via the multiple-file upload functionality, which allows for stored XSS. This issue affects Kentico Xperience through 13.0.178...

CVSS 6.1, AI score 7.5, EPSS 0.00544
Exploits 2, References 1
NVD
added 2025/03/24 7:15 p.m., 8 views

CVE-2025-2748

The Kentico Xperience application does not fully validate or filter files uploaded via the multiple-file upload functionality, which allows for stored XSS. This issue affects Kentico Xperience through 13.0.178...

CVSS 6.1, EPSS 0.00544
Exploits 2, References 1
OSV
added 2025/03/24 7:15 p.m., 1 views

CVE-2025-2747

An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server component password handling for the server defined None type. Authentication bypass allows an attacker to control administrative objects. This issue affects Xperience through 13.0.1...

CVSS 9.8, AI score 5.8, EPSS 0.91412
Exploits 1, References 5
CNNVD
added 2025/03/24 12:0 a.m., 4 views

Kentico Xperience Cross-Site Scripting Vulnerability

Kentico Xperience is a digital experience platform from Kentico, Inc. A security vulnerability exists in Kentico Xperience version 13.0.178 and earlier, which stems from vulnerability to stored cross-site scripting attacks...

CVSS 6.1, AI score 8.1, EPSS 0.00544
Exploits 2, References 3
CNNVD
added 2025/03/24 12:0 a.m., 1 views

Kentico Xperience Security Vulnerability

Kentico Xperience is a digital experience platform from Kentico, Inc. A security vulnerability exists in Kentico Xperience version 13.0.178 and earlier, which stems from an authentication bypass that could lead to the control of managed objects...

CVSS 9.8, AI score 6.8, EPSS 0.91412
Exploits 1, References 4