Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

NVD
NVDadded 2026/05/27 8:16 p.m.15 views

CVE-2026-42197

RELATE is a web-based courseware package. Versions prior to commit 555f0efb1c5bd7531c07cd73724d7e566a81f620 have a stored cross-site scripting vulnerability that allows any enrolled student to execute arbitrary JavaScript in an administrator's browser session, potentially leading to full admin...

8.7CVSS0.0031EPSS
Exploits0References3
EUVD
EUVDadded 2026/05/09 5:15 p.m.9 views

EUVD-2026-28918

A vulnerability was determined in Wavlink NU516U1 M16U1V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument pppusername/ppppasswd/rwanip/rwanmask/rwangateway is directly passed by the attacker/so we can control the...

6.5CVSS6.4AI score0.05344EPSS
Exploits1References4
EUVD
EUVDadded 2026/05/09 4:15 p.m.10 views

EUVD-2026-28916

A vulnerability was found in Wavlink NU516U1 M16U1V240425. Affected by this vulnerability is the function wzdrepeater of the file /cgi-bin/adm.cgi. The manipulation of the argument wlanbssid/selAutomode/selEncrypTyp results in os command injection. It is possible to launch the attack remotely. Th...

6.5CVSS5.6AI score0.04807EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2026/02/09 12:0 a.m.5 views

PT-2026-7057

A vulnerability was determined in code-projects Online Music Site 1.0. Affected is an unknown function of the file /Administrator/PHP/AdminDeleteCategory.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit has been publicly...

7.5CVSS5.5AI score0.00323EPSS
Exploits1References6
Vulnrichment
Vulnrichmentadded 2025/11/19 4:2 p.m.4 views

CVE-2025-65024 i-Educar Authenticated Time-based SQL Injection in `agenda_admin_cad.php`

i-Educar is free, fully online school management software. In versions 2.10.0 and prior, an authenticated time-based SQL injection vulnerability exists in the ieducar/intranet/agendaadmincad.php script. An attacker with access to an authenticated session can execute arbitrary SQL commands against...

7.2CVSS7.9AI score0.00353EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2002-0509

Malware in sbrugna...

10CVSS6.4AI score0.04585EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2022/08/09 12:0 a.m.3 views

PT-2022-22888 · Wavlink · Wavlink Wn530H4 +4

Name of the Vulnerable Software and Affected Versions: WAVLINK WN572HP3 WAVLINK WN533A8 WAVLINK WN530H4 WAVLINK WN535G3 WAVLINK WN531P3 Description: The issue concerns a lack of filtering on the led switch parameter in the adm.cgi file, which can lead to command injection when accessing the...

9.8CVSS9.7AI score0.02404EPSS
Exploits1References2
securityvulns
securityvulnsadded 2007/12/18 12:0 a.m.19 views

RaidenHTTPD Web server directory traversal

Directory traversal in web administration script...

1.8AI score
Exploits0References1Affected Software1
NVD
NVDadded 2002/08/12 4:0 a.m.14 views

CVE-2002-0513

The PHP administration script in poppermod 1.2.1 and earlier relies on Apache .htaccess authentication, which allows remote attackers to gain privileges if the script is not appropriately configured by the administrator...

10CVSS7AI score0.04585EPSS
Exploits0References4
Rows per page
Query Builder