Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

12 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2017-17739

Malware in sbrugna...

9.8CVSS9.5AI score0.00292EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2018-20752

Malware in sbrugna...

7.2CVSS7AI score0.00647EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2018-20766

Malware in sbrugna...

4.8CVSS5.1AI score0.00207EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2024-33313

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00061EPSS
Exploits1References5
OSV
OSVadded 2024/11/05 2:15 a.m.0 views

CVE-2024-10810

A vulnerability was found in code-projects E-Health Care System 1.0. It has been classified as critical. Affected is an unknown function of the file Doctor/apprequest.php. The manipulation of the argument appid leads to sql injection. It is possible to launch the attack remotely. The exploit has...

7.5CVSS5.8AI score0.00061EPSS
Exploits1References5
NVD
NVDadded 2018/04/16 9:58 a.m.14 views

CVE-2018-9169

Z-BlogPHP 1.5.1 has XSS via the zbusers/plugin/AppCentre/pluginedit.php appid parameter. The component must be accessed directly by an administrator, or through CSRF...

4.8CVSS5AI score0.00207EPSS
Exploits0References1
Prion
Prionadded 2018/04/16 9:58 a.m.13 views

Cross site request forgery (csrf)

The plugin upload component in Z-BlogPHP 1.5.1 allows remote attackers to execute arbitrary PHP code via the appid parameter to zbusers/plugin/AppCentre/pluginedit.php because of an unanchored regular expression, a different vulnerability than CVE-2018-8893. The component must be accessed directl...

6.5CVSS8.2AI score0.00647EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2018/04/15 2:0 p.m.12 views

CVE-2018-9169

Z-BlogPHP 1.5.1 has XSS via the zbusers/plugin/AppCentre/pluginedit.php appid parameter. The component must be accessed directly by an administrator, or through CSRF...

5AI score0.00207EPSS
Exploits0References1
OSV
OSVadded 2017/05/05 6:29 p.m.2 views

CVE-2017-8796

An issue was discovered on Accellion FTA devices before FTA912180. Because mysqlrealescapestring is misused, seos/courier/communicationp2p.php allows SQL injection with the appid parameter...

9.8CVSS5.8AI score
Exploits0References1
Prion
Prionadded 2017/05/05 6:29 p.m.13 views

Sql injection

An issue was discovered on Accellion FTA devices before FTA912180. Because mysqlrealescapestring is misused, seos/courier/communicationp2p.php allows SQL injection with the appid parameter...

7.5CVSS9.8AI score0.00292EPSS
Exploits1References1Affected Software1
Hacker One
Hacker Oneadded 2016/08/01 1:21 a.m.27 views

Shopify: Staff member can delete Private Apps

Hi Team, Bug description : I noticed that Full access staff member doesn't have access to private Apps Even he has access to Apps. But a Staff member can actually Delete Private Apps through the normal App link by changing the ID. Steps to reproduce : 1. Create A shop and install any app. Also...

Exploits0
Exploit DB
Exploit DBadded 2014/11/26 12:0 a.m.43 views

Android WAPPushManager - SQL Injection

INTRODUCTION ================================== In Android 5.0, a SQL injection vulnerability exists in the opt module WAPPushManager, attacker can remotely send malformed WAPPush message to launch any activity or service in the victim's phone need permission check DETAILS...

7.5CVSS6.6AI score0.02699EPSS
Exploits5
Rows per page
Query Builder