10 matches found

NVD
added 2026/02/09 7:15 p.m., 2 views

CVE-2026-24777

OpenProject is an open-source, web-based project management software. Prior to 17.0.2, users with the Manage Users permission can lock and unlock users. This functionality should only be possible for users of the application, but they were not supposed to be able to lock application administrator...

6.7 CVSS, 0.00062 EPSS
Exploits: 0, References: 2
Positive Technologies
added 2026/02/09 12:0 a.m., 2 views

PT-2026-7126

OpenProject is an open-source, web-based project management software. Prior to 17.0.2, users with the Manage Users permission can lock and unlock users. This functionality should only be possible for users of the application, but they were not supposed to be able to lock application administrator...

6.7 CVSS, 5.5 AI score, 0.00062 EPSS
Exploits: 0, References: 3
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-42195

Malicious code in bioql PyPI...

6.5 CVSS, 6.6 AI score, 0.00203 EPSS
Exploits: 0, References: 1
NVD
added 2024/12/30 6:15 p.m., 13 views

CVE-2024-46542

Veritas / Arctera Data Insight before 7.1.1 allows Application Administrators to conduct SQL injection attacks...

6.5 CVSS, 0.00203 EPSS
Exploits: 0, References: 2
CVE
added 2024/12/30 12:0 a.m., 67 views

CVE-2024-46542

CVE-2024-46542 affects Veritas / Arctera Data Insight versions prior to 7.1.1. The root cause is improper neutralization of SQL commands, allowing Application Administrators to perform SQL injection. Impact described: potential information disclosure. Remediation: upgrade to 7.1.1 or later; as a ...

6.5 CVSS, 8 AI score, 0.00203 EPSS
Exploits: 0, References: 2
Cvelist
added 2024/12/30 12:0 a.m., 12 views

CVE-2024-46542

Veritas / Arctera Data Insight before 7.1.1 allows Application Administrators to conduct SQL injection attacks...

6.5 CVSS, 0.00203 EPSS
Exploits: 0, References: 2
Vulnrichment
added 2024/12/30 12:0 a.m., 8 views

CVE-2024-46542

Veritas / Arctera Data Insight before 7.1.1 allows Application Administrators to conduct SQL injection attacks...

6.5 CVSS, 8.2 AI score, 0.00203 EPSS
Exploits: 0, References: 2
Prion
added 2020/08/20 1:15 p.m., 9 views

Cross site scripting

An XSS issue was discovered in TreasuryXpress 19191105. Due to the lack of filtering and sanitization of user input, malicious JavaScript can be executed by the application's administrators. A malicious payload can be injected within the Multi Approval security component and inserted via the Note...

4.3 CVSS, 6 AI score, 0.0024 EPSS
Exploits: 1, References: 1, Affected Software: 1
myhack58
added 2016/03/02 12:0 a.m., 11 views

How I was in the Google collaboration community GWC found the reflection type, a storage type, the DOM type of vulnerability? - Vulnerability warning-the black bar safety net

Google for Work Connect, the GWC is a System, Application Administrator, and partner community of system, but also in Google's vulnerability reward range. Shortly before, I was in the GWC community system found reflection type, a storage type, the DOM type XSS. The storage type XSS In the GWC...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 26 views

ZenPhoto 1.4.0.3 x-forwarded-for HTTP Header presisitent XSS

No description provided by source. Exploit Title: ZenPhoto 1.4.0.3 patched 2011-4-19 x-forwarded-for HTTP Header presisitent XSS Date: 21-4-2011 Author: Saif El-Sherei Software Link: http://zenphoto.googlecode.com/files/zenphoto-1.4.0.3.zip Version: 1.4.0.3 latest updated 2011-4-19 Tested on:FF...

7.1 AI score
Exploits: 0