Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

CNNVD
CNNVDadded 2025/09/30 12:0 a.m.3 views

Rapid7 AppSpider Pro 数据伪造问题漏洞

Rapid7 AppSpider Pro is a dynamic application security testing solution from Rapid7, Inc. that allows you to scan Web and mobile applications for vulnerabilities. A data forgery issue vulnerability exists in Rapid7 AppSpider Pro versions prior to 7.5.021, which stems from insufficient project nam...

3.3CVSS6.6AI score0.00015EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/09/25 2:41 p.m.6 views

CVE-2025-36857 Rapid7 Appspider Broken Access Control Vulnerability

Rapid7 Appspider Pro versions below 7.5.021, suffer from a broken access control vulnerability in the application's configuration file loading mechanism, whereby an attacker can place files in directories belonging to other users or projects. Affected versions allow standard users to add custom...

3.3CVSS0.00018EPSS
Exploits0References1
CVE
CVEadded 2025/09/25 2:41 p.m.9 views

CVE-2025-36857

CVE-2025-36857 — Rapid7 Appspider Pro versions prior to 7.5.021 suffer a broken access control in the configuration file loading mechanism. The issue allows a standard user to place custom configuration files in other users’ or projects’ directories, and since files are loaded in alphabetical ord...

3.3CVSS6.4AI score0.00018EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder