Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2025/11/17 7:3 a.m.12 views

CVE-2025-13185

A security flaw has been discovered in Bdtask/CodeCanyon News365 up to 7.0.3. This affects an unknown function of the file /admin/dashboard/profile. The manipulation of the argument profileimage/bannerimage results in unrestricted upload. The attack can be launched remotely. The exploit has been...

7.2CVSS6.5AI score0.00061EPSS
Exploits1References1
NVD
NVDadded 2025/11/14 9:15 p.m.3 views

CVE-2025-13185

A security flaw has been discovered in Bdtask/CodeCanyon News365 up to 7.0.3. This affects an unknown function of the file /admin/dashboard/profile. The manipulation of the argument profileimage/bannerimage results in unrestricted upload. The attack can be launched remotely. The exploit has been...

7.2CVSS0.00061EPSS
Exploits1References4
OSV
OSVadded 2025/11/14 9:15 p.m.2 views

CVE-2025-13185

A security flaw has been discovered in Bdtask/CodeCanyon News365 up to 7.0.3. This affects an unknown function of the file /admin/dashboard/profile. The manipulation of the argument profileimage/bannerimage results in unrestricted upload. The attack can be launched remotely. The exploit has been...

7.2CVSS5.5AI score
Exploits0References4
EUVD
EUVDadded 2025/11/14 9:2 p.m.4 views

EUVD-2025-197658

A security flaw has been discovered in Bdtask/CodeCanyon News365 up to 7.0.3. This affects an unknown function of the file /admin/dashboard/profile. The manipulation of the argument profileimage/bannerimage results in unrestricted upload. The attack can be launched remotely. The exploit has been...

5.8CVSS6.2AI score0.00061EPSS
Exploits1References5
CNNVD
CNNVDadded 2025/11/14 12:0 a.m.1 views

Bdtask News365 代码问题漏洞

Bdtask News365 is a web magazine software from Bdtask Bangladesh. A code issue vulnerability exists in Bdtask News365 7.0.3 and earlier versions, which stems from incorrect manipulation of the parameters profileimage/bannerimage in the file /admin/dashboard/profile, which may result in unlimited...

7.2CVSS5AI score0.00061EPSS
Exploits1References4
Cvelist
Cvelistadded 2025/10/07 11:13 p.m.7 views

CVE-2025-61997 OPEXUS FOIAXpress stored XSS via banner image

OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other content within the Annual Report Enterprise Banner image upload field. Injected content is executed in the context of other users when they generate an Annual Report. Successful exploitation allows the...

4.8CVSS0.0003EPSS
Exploits0References3
Cvelist
Cvelistadded 2022/11/14 12:0 a.m.16 views

CVE-2022-3992 SourceCodester Sanitization Management System Banner Image cross site scripting

A vulnerability classified as problematic was found in SourceCodester Sanitization Management System. Affected by this vulnerability is an unknown functionality of the file admin/?page=systeminfo of the component Banner Image Handler. The manipulation leads to cross site scripting. The attack can...

2.4CVSS6.2AI score0.00218EPSS
Exploits0References1
Exploit DB
Exploit DBadded 2021/01/25 12:0 a.m.407 views

MyBB Timeline Plugin 1.0 - Persistent Cross-Site Scripting

Exploit Title: MyBB Timeline Plugin 1.0 - Cross-Site Scripting / CSRF Date: 1/21/2021 Author: 0xB9 Software Link: https://community.mybb.com/mods.php?action=view&pid=1428 Version: 1.0 Tested on: Windows 10 1. Description: MyBB Timeline replaces the default MyBB user profile. This introduces...

7.4AI score
Exploits0
Rows per page
Query Builder