Lucene search

8 matches found

CNNVD
added 2025/10/01 12:0 a.m. | 2 views

Termix Security Vulnerability

Termix is a server management platform for Karmaa individual developers. A security vulnerability exists in Termix 1.5.0 and earlier versions, which stems from an improperly configured Nginx reverse proxy that causes the backend to obtain the proxy IP instead of the client IP, potentially leaking...

9.2 CVSS | 6.7 AI score | 0.00051 EPSS
Exploits: 1 | References: 2
seebug.org
added 2018/06/04 12:0 a.m. | 581 views

DedeCMS Admin Backend Address Brute-Force Vulnerability

...

0.8 AI score
Exploits: 0
seebug.org
added 2015/12/24 12:0 a.m. | 74 views

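Logic Error in the Latest Version of aspcms Leaks the Admin Backend Address

Brief description: The admin backend directory is very important for many web systems; once the backend address is leaked, the result can be a fatal blow. Details: All of the plugins bundled with aspcms have a vulnerability that leaks the backend address. For example, the file /plug/oem/AspCmsOEMFun.asp shown in the figure below: accessing http://.../plug/oem/AspCmsOEM.asp directly in a browser pops up an error message and then redirects the user to the real backend address... Proof of vulnerability:...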

7.1 AI score
Exploits: 0
seebug.org
added 2015/09/18 12:0 a.m. | 223 views

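NindonCMS /plug/comment/commentList.asp SQL Injection Vulnerability

Vulnerability description: The NindonCMS system does not strictly filter the data parameters submitted by visitors, so an attacker can at any time submit crafted SQL statements to query the database and obtain sensitive information. In addition, the system's default admin backend address is quite easily exposed. Vulnerability details: Because NindonCMS is built on the open-source ASPCMS, if developers are not careful during development, many ASPCMS vulnerabilities that have since been patched will reappear in the derivative CMS. This vulnerability originates in ASPCMS, but since this is derivative development, every effort should be made to remedy the security shortcomings. The principle is clear: NindonCMS filters data submitted by the browser with the filterPara function, which in turn calls the two functions PreventSqlin and Checkxss to filter characters, P...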

7 AI score
Exploits: 0
CNVD
added 2015/04/02 12:0 a.m. | 2 views

SAP EMR Unwired and Clinical Task Tracker Access Restriction Bypass Vulnerabilities

SAP EMR Unwired is a mobile app that enables physicians and nurses to instantly access patient data when they need it. SAP Clinical Task Tracker is an easy and secure way to access clinical tasks assigned to your patients anytime, anywhere. SAP EMR Unwired and Clinical Task Tracker fail to properl...

6.4 CVSS | 6.8 AI score | 0.0046 EPSS
Exploits: 0 | References: 1
myhack58
added 2010/10/05 12:0 a.m. | 11 views

nileweb School CMS injection vulnerability and repair programme-vulnerability warning-the black bar safety net

nileweb School CMS program index. php parameter filtering is not strictly the presence of injection vulnerabilities. Batch google. cn inurl:index. php? action= http://localhost/index.php?action=cms/showpaget&pageid=-21+/! uniOn/+select+1,convertgrOupcOncatusername,0x3a,password using...

0.4 AI score
Exploits: 0
myhack58
added 2009/10/28 12:0 a.m. | 10 views

Woven dream management system Background The find-a vulnerability warning-the black bar safety net

Sometimes in the by injection to give the weave the dream program's administrative password, but found that can't find the backend address. This time we can try the following in the address followed by: the/include/dialog/selectmedia. php? f=form1. murl But not necessarily pass to kill it.. By:th...

2.3 AI score
Exploits: 0
myhack58
added 2009/09/24 12:0 a.m. | 12 views

Woven dream management system Background The find-a vulnerability warning-the black bar safety net

Sometimes in the by injection to give the weave the dream program's administrative password, but found that can't find the backend address. This time we can try the following in the address followed by: the/include/dialog/selectmedia. php? f=form1. murl But not necessarily pass to kill it.. By:th...

2.3 AI score
Exploits: 0