Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2025/05/22 3:39 p.m.5 views

CVE-2020-5731

In OpenMRS 2.9 and prior, the app parameter for the ActiveVisit's page is vulnerable to cross-site scripting...

6.1CVSS6.8AI score0.00328EPSS
Exploits1References1
CNNVD
CNNVDadded 2023/07/11 12:0 a.m.1 views

Siemens RUGGEDCOM ROX 系列多款产品 命令注入漏洞

RUGGEDCOM products offer a degree of robustness and reliability that sets the standard for communication networks deployed in harsh environments. A command injection vulnerability exists in the Siemens RUGGEDCOM ROX, which stems from a lack of server-side input validation, making the Upgrade-app...

9.1CVSS8.3AI score0.01742EPSS
Exploits0References2
CNNVD
CNNVDadded 2023/07/11 12:0 a.m.3 views

Siemens RUGGEDCOM ROX 系列多款产品 命令注入漏洞

RUGGEDCOM products offer a degree of robustness and reliability that sets the standard for communication networks deployed in harsh environments. A command injection vulnerability exists in the Siemens RUGGEDCOM ROX, which stems from a lack of server-side input validation, making the install-app...

9.1CVSS8.3AI score0.01218EPSS
Exploits0References2
Veracode
Veracodeadded 2022/08/03 4:59 p.m.20 views

OS Command Injection

Heroku-env is vulnerable to OS command injection. The vulnerability is due to the function get that executes a shell command with unsanitized user input. An attacker can inject shell code using the app parameter, using the control operator & or && followed by an arbitrary command...

9.8CVSS9.4AI score0.00513EPSS
Exploits1Affected Software1
CNNVD
CNNVDadded 2020/12/18 12:0 a.m.1 views

Xinuos Openserver 跨站脚本漏洞

Xinuos Openserver is a FreeBSD-based operating system from the American company Xinuos. Xinuo suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client data in the application parameter section. A remote attacker can exploit this vulnerability by...

6.1CVSS6.4AI score0.01051EPSS
Exploits3References5
NVD
NVDadded 2017/05/02 2:59 p.m.8 views

CVE-2015-8257

The devtools.sh script in AXIS network cameras allows remote authenticated users to execute arbitrary commands via shell metacharacters in the app parameter to 1 applicense.shtml, 2 applicensecustom.shtml, 3 appindex.shtml, or 4 appparams.shtml...

9CVSS8.8AI score0.28149EPSS
Exploits5References3
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.13 views

HP OpenView Network Node Manager snmpviewer.exe Buffer Overflow

No description provided by source. $Id: hpnnmsnmpvieweractapp.rb 12098 2011-03-23 15:47:20Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2012/02/17 12:0 a.m.53 views

Horde 3.3.12 Backdoor Arbitrary PHP Code Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Horde 3.3.12...

7.5CVSS0.7AI score0.64772EPSS
Exploits8
Rows per page
Query Builder