33 matches found

NVD
added 2026/05/27 2:16 a.m., 9 views

CVE-2026-9608

A vulnerability was determined in QianFox FoxCMS up to 1.2.6. The impacted element is an unknown function of the file /Tag/edit of the component Administrator Backend. Executing a manipulation can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

4.8 CVSS, 0.00032 EPSS
Exploits: 0, References: 5

ATTACKERKB
added 2026/05/27 12:15 a.m., 10 views

CVE-2026-9608

A vulnerability was determined in QianFox FoxCMS up to 1.2.6. The impacted element is an unknown function of the file /Tag/edit of the component Administrator Backend. Executing a manipulation can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

4.8 CVSS, 4.1 AI score, 0.00032 EPSS
Exploits: 0, References: 5, Affected Software: 1

Vulnrichment
added 2026/05/27 12:15 a.m., 7 views

CVE-2026-9608 QianFox FoxCMS Administrator Backend edit cross site scripting

A vulnerability was determined in QianFox FoxCMS up to 1.2.6. The impacted element is an unknown function of the file /Tag/edit of the component Administrator Backend. Executing a manipulation can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

4.8 CVSS, 4.1 AI score, 0.00032 EPSS
Exploits: 0, References: 5

EUVD
added 2026/05/27 12:15 a.m., 15 views

EUVD-2026-32028

A vulnerability was determined in QianFox FoxCMS up to 1.2.6. The impacted element is an unknown function of the file /Tag/edit of the component Administrator Backend. Executing a manipulation can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

4.8 CVSS, 4.1 AI score, 0.00032 EPSS
Exploits: 0, References: 5

Cvelist
added 2026/05/27 12:15 a.m., 30 views

CVE-2026-9608 QianFox FoxCMS Administrator Backend edit cross site scripting

A vulnerability was determined in QianFox FoxCMS up to 1.2.6. The impacted element is an unknown function of the file /Tag/edit of the component Administrator Backend. Executing a manipulation can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

4.8 CVSS, 0.00032 EPSS
Exploits: 0, References: 5

CNNVD
added 2026/05/27 12:00 a.m., 6 views

FoxCMS code injection vulnerability

FoxCMS is a content management system provided by FoxCMS Company in China, available for free commercial use and open source. Versions of FoxCMS 1.2.6 and earlier have a code injection vulnerability. This vulnerability stems from unknown functions in the Administrator Backend component /Tag/edit...

4.8 CVSS, 5.7 AI score, 0.00032 EPSS
Exploits: 0, References: 5

RedhatCVE
added 2026/01/07 9:48 a.m., 16 views

CVE-2022-27111

JfinalCMS 5.1.0 allows attackers to use the feedback function to send malicious XSS code to the administrator backend and execute it...

5.4 CVSS, 6.4 AI score, 0.00191 EPSS
Exploits: 1, References: 1

RedhatCVE
added 2025/11/28 9:10 a.m., 3 views

CVE-2025-55469

Incorrect access control in youlai-boot v2.21.1 allows attackers to escalate privileges and access the Administrator backend...

9.8 CVSS, 7.1 AI score, 0.00082 EPSS
Exploits: 1, References: 1

EUVD
added 2025/11/26 6:31 p.m., 2 views

EUVD-2025-199739

Incorrect access control in youlai-boot v2.21.1 allows attackers to escalate privileges and access the Administrator backend...

6.6 AI score, 0.00082 EPSS
Exploits: 1, References: 4

OSV
added 2025/11/26 6:15 p.m., 3 views

CVE-2025-55469

Incorrect access control in youlai-boot v2.21.1 allows attackers to escalate privileges and access the Administrator backend...

9.8 CVSS, 5.8 AI score, 0.00082 EPSS
Exploits: 1, References: 3

Positive Technologies
added 2025/11/26 12:00 a.m., 2 views

PT-2025-48165

Name of the Vulnerable Software and Affected Versions: youlai-boot version 2.21.1. Description: An issue with access control in youlai-boot version 2.21.1 allows attackers to escalate privileges and gain access to the Administrator backend. Recommendations: At the moment, there is no information abou...

9.8 CVSS, 6.7 AI score, 0.00082 EPSS
Exploits: 1, References: 10

Vulnrichment
added 2025/11/26 12:00 a.m., 1 view

CVE-2025-55469

Incorrect access control in youlai-boot v2.21.1 allows attackers to escalate privileges and access the Administrator backend...

6.7 AI score, 0.00082 EPSS
Exploits: 1, References: 3

CVE
added 2025/11/26 12:00 a.m., 12 views

CVE-2025-55469

CVE-2025-55469 affects youlai-boot v2.21.1. The underlying issue is an incorrect access-control mechanism that allows unauthenticated attackers (CVSS: 9.8, CRITICAL; AV:N/AC:L/PR:N/UI:N/S:U) to escalate privileges and access the Administrator backend. Multiple sources (Red Hat, EUVD/ENISA, NVD, C...

9.8 CVSS, 6.7 AI score, 0.00082 EPSS
Exploits: 1, References: 3, Affected Software: 1

Cvelist
added 2025/11/26 12:00 a.m., 5 views

CVE-2025-55469

Incorrect access control in youlai-boot v2.21.1 allows attackers to escalate privileges and access the Administrator backend...

0.00082 EPSS
Exploits: 1, References: 3

EUVD
added 2025/10/03 8:07 p.m., 3 views

EUVD-2022-31650

Malicious code in bioql PyPI...

5.4 CVSS, 5.7 AI score, 0.00191 EPSS
Exploits: 1, References: 1

EUVD
added 2025/10/03 8:07 p.m., 2 views

EUVD-2025-12382

Malicious code in bioql PyPI...

3.8 CVSS, 6.6 AI score, 0.00145 EPSS
Exploits: 0, References: 4

CVE
added 2025/09/09 9:00 a.m., 12 views

CVE-2025-59014

TYPO3 CMS is affected by CVE-2025-59014 due to an uncaught exception in the Bookmark Toolbar. Affected versions are 11.0.0–11.5.47, 12.0.0–12.4.36, and 13.0.0–13.4.17. The vulnerability lets administrator‑level backend users trigger a denial‑of‑service in the backend UI by saving manipulated data...

5.1 CVSS, 6.4 AI score, 0.00035 EPSS
Exploits: 0, References: 1, Affected Software: 1

Vulnrichment
added 2025/09/09 9:00 a.m., 4 views

CVE-2025-59014 Denial of Service in TYPO3 Bookmark Toolbar

An uncaught exception in the Bookmark Toolbar of TYPO3 CMS versions 11.0.0–11.5.47, 12.0.0–12.4.36, and 13.0.0–13.4.17 lets administrator‑level backend users trigger a denial‑of‑service condition in the backend user interface by saving manipulated data in the bookmark toolbar...

5.1 CVSS, 6.4 AI score, 0.00035 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2025/06/05 5:08 p.m., 19 views

CVE-2025-5512

A vulnerability, which was classified as critical, was found in quequnlong shiyi-blog up to 1.2.1. Affected is an unknown function of the file /api/sys/user/verifyPassword/ of the component Administrator Backend. The manipulation leads to improper authentication. It is possible to launch the atta...

7.5 CVSS, 6.8 AI score, 0.00803 EPSS
Exploits: 1, References: 1

Cvelist
added 2025/06/03 5:00 p.m., 18 views

CVE-2025-5512 quequnlong shiyi-blog Administrator Backend verifyPassword improper authentication

A vulnerability, which was classified as critical, was found in quequnlong shiyi-blog up to 1.2.1. Affected is an unknown function of the file /api/sys/user/verifyPassword/ of the component Administrator Backend. The manipulation leads to improper authentication. It is possible to launch the atta...

7.5 CVSS, 0.00803 EPSS
Exploits: 1, References: 5