Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

wpexploit
wpexploitadded 2023/03/11 12:0 a.m.120 views

WH Testimonials <= 3.0.0 - Unauthenticated Stored XSS

The plugin does not sanitise and escape the whhomepage, whtextshort and whtextfull parameters of submitted Testimonials, which could allow unauthenticated attackers to perform Stored Cross-Site Scripting attacks curl -X POST 'http://example.com/add/' \ -H 'Content-Type: multipart/form-data;...

7.2CVSS6.3AI score0.01835EPSS
Exploits2References1
CNVD
CNVDadded 2018/02/09 12:0 a.m.2 views

Quest NetVault Backup Arbitrary Code Execution Vulnerability

Quest NetVault Backup is a scalable data backup and recovery solution for organizations with multiple IT environments. An arbitrary code execution vulnerability exists in nvwsworker.exe in Quest NetVault Backup 11.2.0.13. The vulnerability arises because when parsing the boundary header of a...

10CVSS8.1AI score0.40555EPSS
Exploits0References1
OSV
OSVadded 2018/02/08 6:29 p.m.2 views

CVE-2018-1161

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.2.0.13. Authentication is not required to exploit this vulnerability. The specific flaw exists within nvwsworker.exe. When parsing the boundary header of a multipart reques...

9.8CVSS6.2AI score
Exploits0References1
Rows per page
Query Builder