Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

OSV
OSVadded 2026/05/18 4:34 p.m.0 views

GHSA-F946-9QP6-VGCH shopper/framework: Authorization bypass in multiple Livewire admin components

Impact Multiple Livewire components in the admin panel allowed an authenticated low-privilege user to mutate data without the required permission: - Order detail Filament actions cancel, mark paid, mark complete, capture payment, archive, start processing were callable with readorders only and di...

8.1CVSS5.8AI score
Exploits0References6
Github Security Blog
Github Security Blogadded 2026/05/18 4:34 p.m.8 views

shopper/framework: Authorization bypass in multiple Livewire admin components

Impact Multiple Livewire components in the admin panel allowed an authenticated low-privilege user to mutate data without the required permission: - Order detail Filament actions cancel, mark paid, mark complete, capture payment, archive, start processing were callable with readorders only and di...

5.8AI score
Exploits0References6Affected Software1
CNNVD
CNNVDadded 2025/12/08 12:0 a.m.1 views

Emlog Pro 安全漏洞

Emlog Pro is a blogging system of Emlog open source. A security vulnerability exists in Emlog Pro version 2.5.20, which stems from a lack of path validation in the admin/template.php and admin/plugin.php components, which could result in the deletion of arbitrary files...

9.1CVSS6.8AI score0.00883EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2025/12/08 12:0 a.m.1 views

CVE-2025-61318

Emlog Pro 2.5.20 has an arbitrary file deletion vulnerability. This vulnerability stems from the admin/template.php component and the admin/plugin.php component. They fail to perform path verification and dangerous code filtering for deletion parameters, allowing attackers to exploit this feature...

7AI score0.00883EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2017-15565

Malware in sbrugna...

6.1CVSS6.3AI score0.0024EPSS
Exploits1References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/08/14 6:52 p.m.0 views

Malicious code in zmarta-admin-components (npm)

The package zmarta-admin-components was found to contain malicious code...

7AI score
Exploits0
OSV
OSVadded 2025/08/14 6:52 p.m.1 views

MAL-2025-41033 Malicious code in zmarta-admin-components (npm)

The package zmarta-admin-components was found to contain malicious code...

7.2AI score
Exploits0
Vulnrichment
Vulnrichmentadded 2024/06/13 7:52 a.m.19 views

CVE-2024-26070 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS5.3AI score0.01781EPSS
Exploits0References1
Prion
Prionadded 2017/03/07 4:59 p.m.14 views

Cross site scripting

Smith0r/burgundy-cms before 2017-03-06 is vulnerable to a reflected XSS in admin/components/menu/views/menuitems.php id parameter...

4.3CVSS5.9AI score0.0024EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder