
8 matches found

EUVD
added 2026/03/19 10:55 p.m., 1 views

EUVD-2026-13365

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Prior to versions 7.15.1 and 8.9.3, SuiteCRM contains an authenticated arbitrary file upload vulnerability in the Configurator module. An authenticated administrator can bypass intended file ty...

CVSS: 2.7, AI score: 5.7, EPSS: 0.00051
Exploits: 0, References: 2
Positive Technologies
added 2025/12/11 12:0 a.m., 1 views

PT-2025-50755

Name of the Vulnerable Software and Affected Versions: FoF Pretty Mail version 1.1.2. Description: FoF Pretty Mail version 1.1.2 has a local file inclusion issue. Administrative users can include arbitrary server files in email templates. An attacker can exploit the template settings by inserting fi...

CVSS: 6.9, AI score: 6.2, EPSS: 0.00062
Exploits: 0, References: 6
CNNVD
added 2024/07/01 12:0 a.m., 1 views

Flowise Security Vulnerabilities

Flowise is a tool for easily building LLM applications. A security vulnerability exists in Flowise version 1.4.3, which stems from the presence of a reflective cross-site scripting vulnerability that could allow an attacker to read arbitrary files from the server...

CVSS: 6.1, AI score: 6, EPSS: 0.0032
Exploits: 1, References: 3
Github Security Blog
added 2023/12/14 3:30 p.m., 29 views

External Control of File Name or Path in h2oai/h2o-3

Remote unauthenticated attackers can overwrite arbitrary server files with attacker-controllable data. The data that the attacker can control is not entirely arbitrary. h2o writes a CSV/XLS/etc file to disk, so the attacker data is wrapped in quotations and starts with "C1", if they're exporting ...

CVSS: 9.3, AI score: 7.1, EPSS: 0.00207
Exploits: 1, References: 4, Affected Software: 1
CNNVD
added 2023/05/24 12:0 a.m., 4 views

GitLab Path Traversal Vulnerability

GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository that can be accessed through a web interface for public and private projects. GitLab EE is the GitLab Enterprise Edition and GitLab CE is the GitLab Community Edition. GitLab CE/...

CVSS: 10, AI score: 6.8, EPSS: 0.91925
Exploits: 5, References: 6
ATTACKERKB
added 2022/02/24 3:15 p.m., 2 views

CVE-2022-23810

Template injection (Improper Neutralization of Special Elements Used in a Template Engine) vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series versions prior to...

CVSS: 6.5, AI score: 6.6, EPSS: 0.003
Exploits: 0, References: 3
Prion
added 2021/11/17 4:15 p.m., 14 views

Path traversal

Adobe Campaign version 21.2.1 and earlier is affected by a Path Traversal vulnerability that could lead to reading arbitrary server files. By leveraging an exposed XML file, an unauthenticated attacker can enumerate other files on the server...

CVSS: 5, AI score: 7.4, EPSS: 0.01819
Exploits: 0, References: 1, Affected Software: 1
0day.today
added 2015/12/01 12:0 a.m., 30 views

Zenphoto 1.4.10 - Local File Inclusion Vulnerability

Exploit for php platform in category web applications. Zenphoto 1.4.10 - Local File Inclusion Vulnerability. Vendor: www.zenphoto.org. Product: Zenphoto 1.4.10. Vulnerability Details: Zen Photos pluginDoc.php PHP file is vulnerable to...

AI score: 7.1
Exploits: 0