Lucene search

8 matches found

CVE
added 2026/04/29 8:30 p.m., 5 views

CVE-2026-7407

The CVE-2026-7407 vulnerability affects SourceCodester Pizzafy Ecommerce System 1.0, specifically the save_settings function in /pizzafy/admin/ajax.php?action=save_settings (Setting Handler). The issue is a SQL injection caused by input manipulation in that endpoint, enabling remote attackers to ...

5.8 CVSS, 5 AI score, 0.00013 EPSS
Exploits 0, References 5
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2018-1908

Malware in sbrugna...

6.5 CVSS, 6.6 AI score, 0.00268 EPSS
Exploits 1, References 2
Positive Technologies
added 2025/02/28 12:00 a.m., 4 views

PT-2025-9069 · WordPress · Forex Calculators

Name of the Vulnerable Software and Affected Versions: Forex Calculators plugin for WordPress versions up to, and including, 1.3.5 Description: The issue allows authenticated attackers with Subscriber-level access and above to update the plugin's settings due to a missing capability check on the...

4.3 CVSS, 9.4 AI score, 0.00104 EPSS
Exploits 0, References 8
OSV
added 2024/07/29 1:15 p.m., 2 views

CVE-2024-7200

A vulnerability, which was classified as problematic, has been found in SourceCodester Complaints Report Management System 1.0. This issue affects some unknown processing of the file /admin/ajax.php?action=savesettings. The manipulation of the argument name leads to cross site scripting. The atta...

5.4 CVSS, 3.9 AI score, 0.00241 EPSS
Exploits 1, References 4
Positive Technologies
added 2024/06/24 12:00 a.m., 2 views

PT-2024-37508 · Sourcecodester · Sourcecodester Simple Online Bidding System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Online Bidding System version 1.0 Description: A critical issue affects the /admin/ajax.php?action=save settings file, where the manipulation of the img argument leads to unrestricted upload. This can be initiated...

9.8 CVSS, 6.5 AI score, 0.00158 EPSS
Exploits 1, References 7
OSV
added 2022/06/02 4:15 p.m., 1 views

CVE-2022-32020

Car Rental Management System v1.0 is vulnerable to Arbitrary code execution via ip/car-rental-management-system/admin/ajax.php?action=savesettings...

9.8 CVSS, 7.7 AI score
Exploits 0, References 1
wpexploit
added 2022/01/10 12:00 a.m., 495 views

Ivory Search < 5.4.1 - Multiple Admin+ Stored Cross-Site Scripting

The plugin does not escape some of the Form settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. Go to the AJAX settings of a Form and put the following payload in the "Minimum number of characters required...

4.8 CVSS, 0.00225 EPSS
Exploits 2
CNVD
added 2018/06/28 12:00 a.m., 2 views

WordPress WP Image Zoom Access Control Error Vulnerability

WordPress is a blogging platform from the WordPress Software Foundation, developed in PHP; it supports setting up a personal blog site on servers running PHP and MySQL. WP Image Zoom is one of its image zoom plugins. An access control error vulnerability exists in the AJAX...

6.5 CVSS, 6.3 AI score, 0.00268 EPSS
Exploits 1, References 1