Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2025/05/23 2:31 a.m.2 views

CVE-2023-1125

The Ruby Help Desk WordPress plugin before 1.3.4 does not ensure that the ticket being modified belongs to the user making the request, allowing an attacker to close and/or add files and replies to tickets other than their own...

6.5CVSS8.7AI score0.0019EPSS
Exploits1References1
CVE
CVEadded 2024/06/14 4:17 a.m.51 views

CVE-2024-3497

The CVE-2024-3497 entry refers to a directory traversal vulnerability in the web server of Toshiba e-STUDIO printers. The issue allows a network-adjacent attacker to overwrite or add files via path traversal in the unzip operation, with ZDI noting possible remote code execution and no authenticat...

8.8CVSS8.8AI score0.00191EPSS
Exploits0References3
0day.today
0day.todayadded 2024/06/13 12:0 a.m.260 views

Quick CMS 6.7 Shell Upload Vulnerability

Title : Authenticated Shell Upload Product : Quick CMS Vendor : https://opensolution.org/ Affected Version : 6.7 Researcher : Eagle Eye Tested on : Window & Linux Report : Already contact the vendor but no response Affected path : admin.php , core/common-admin.php, database/config.php Affected...

7.4AI score
Exploits0
OSV
OSVadded 2023/05/02 8:15 a.m.1 views

CVE-2023-1125

The Ruby Help Desk WordPress plugin before 1.3.4 does not ensure that the ticket being modified belongs to the user making the request, allowing an attacker to close and/or add files and replies to tickets other than their own...

6.5CVSS6.9AI score
Exploits0References1
OSV
OSVadded 2023/04/04 1:15 p.m.1 views

DEBIAN-CVE-2023-28998

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server administrator can gain full access to an end-to-end encrypted folder. They can decrypt files, recover the folder structure, and add new...

6.7CVSS6.3AI score0.00487EPSS
Exploits1References1
Huntr
Huntradded 2022/03/10 2:1 a.m.26 views

Unrestricted Upload of File with Dangerous Type

Description Malicious user can bypass checking and upload .phtm or .php6 file which leads to stored XSS. Proof of Concept - Step 1: Login as admin at https://demo.microweber.org/demo/admin/ - Step 2: Go to Websites setting and Edit any page https://demo.microweber.org/demo/admin/page/24/edit -...

3.5CVSS4.9AI score0.00195EPSS
Exploits1
0day.today
0day.todayadded 2010/08/06 12:0 a.m.27 views

Naturpic Video Joiner Buffer Overflow POC

Exploit for windows platform in category dos / poc ========================================= Naturpic Video Joiner Buffer Overflow POC ========================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ ...

7AI score
Exploits0
Packet Storm
Packet Stormadded 2010/03/22 12:0 a.m.19 views

Donar Player 2.2.0 Denial Of Service

!/usr/bin/python Title: Donar Player 2.2.0 Local Crash PoC Date: 03-21-2010 Author: b0telh0 Link: http://www.donarzone.com/downloads/donar-player-setup-free.exe Tested on: Windows XP SP3 crash = "\x41" 1000 try: file = open'b0t.wma','w'; file.writecrash; file.close; print "\n+ b0t.wma created."...

0.4AI score
Exploits0
Rows per page
Query Builder