7 matches found
CVE-2026-23622
Easy!Appointments is a self hosted appointment scheduler. In 1.5.2 and earlier, application/core/EASecurity.php::csrfverify only enforces CSRF for POST requests and returns early for non-POST methods. Several application endpoints perform state-changing operations while accepting parameters from...
CVE-2022-43031
DedeCMS v6.1.9 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add Administrator accounts and modify Admin passwords...
CVE-2021-43737
CVE-2021-43737 affects xiaohuanxiong CMS 5.0.17. The issue is a cross-site request forgery (CSRF) in the WEB application that allows an attacker to modify the password of the administrator account. Root cause described in sources is insufficient validation that requests originate from a trusted u...
逐浪CMS arbitrary SQL roaming: CMS2 V1.4, V1.5 and CMS6.0 are all affected (other versions not tested because of dead links)
Brief description: The issue is covered in the detailed description. Detailed description: The issue is in User\Develop\ashx\UserTage.ashx. Code snippet: try MZoneNode MZN = new MZoneNode; BEditPage BEP = new BEditPage; MZN.NodeID = Convert.ToInt32nodeid; MZN.UserID = BU.GetLogin.UserID; string strTemp = style; string strStyle = strTemp.Split'|'; if strStyle != null foreach string...
Le tour travel site management system v1.7.3 xday-vulnerability warning-the black bar safety net
The exploit procedure: First: The administrator directory under AdminPassod.asp !-- include file="../Include/conn.asp" - !-- include file="../Include/md5.asp" - % select case request.QueryString"Action" case "ModifyPass" SaveNewPass case else end select set rs = server.createobject"adodb...
Le tour travel site management system v1.7.3 Oday-vulnerability warning-the black bar safety net
Author:Lan3a First: The administrator directory under AdminPassod.asp !-- include file="../Include/conn.asp" - !-- include file="../Include/md5.asp" - % select case request.QueryString"Action" case "ModifyPass" SaveNewPass case else end select set rs = server.createobject"adodb.recordset"...
HIOX Browser Statistics 2.0 - Arbitrary Add Admin
HIOX Browser Statistics 2.0 - Arbitrary Add Admin "; fclose$file; $creat = "false"; echo "New User Created Please Wait You will be Redirected to Login Page "; else echo "Enter correct Username or Password "; if$creat == "true" ? table align=center valign=center bgcolo...