Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1863 matches found

Prion
Prionadded 2009/03/25 6:30 p.m.11 views

Improper access control

Piwik 0.2.32 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the API key and other sensitive information via a direct request for misc/cron/archive.sh...

5CVSS6.8AI score0.01205EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2009/03/25 6:0 p.m.46 views

CVE-2009-1085

CVE-2009-1085 affects Piwik 0.2.32 and earlier. The issue is improper access control that stores sensitive information (including the API key) under the web root, enabling remote attackers to obtain it via a direct request for misc/cron/archive.sh. The connected records confirm the same descripti...

5CVSS6.5AI score0.01205EPSS
Exploits0References3Affected Software1
Drupal
Drupaladded 2008/06/18 12:0 a.m.11 views

SA-2008-038 - Services - Arbitrary code execution

The Services module package was created out of a need for a standardized solution to integrate external applications with Drupal. It builds on concepts from Drupal core's XMLRPC interface, but abstracts service callbacks so that they may be used with multiple interfaces such as XMLRPC, SOAP, REST...

8AI score
Exploits0References7
Rows per page
Query Builder