Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CVE
CVEadded 2026/05/23 6:32 p.m.17 views

CVE-2018-25357

Dolibarr ERP CRM 7.0.3 contains a remote code execution vulnerability. An unauthenticated attacker can inject PHP into the db_name parameter via a POST to install/step1.php , then trigger code execution through the check.php endpoint using the cmd parameter. The CVE documents indicate a critical ...

9.8CVSS6.7AI score0.0061EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVEadded 2026/04/07 11:1 p.m.3 views

CVE-2026-35448

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the BlockonomicsYPT plugin's check.php endpoint returns payment order data for any Bitcoin address without requiring authentication. The endpoint was designed as an AJAX polling helper for the authenticated invoice.php page...

3.7CVSS5.9AI score0.00019EPSS
Exploits1References1
NVD
NVDadded 2026/04/06 10:16 p.m.1 views

CVE-2026-35448

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the BlockonomicsYPT plugin's check.php endpoint returns payment order data for any Bitcoin address without requiring authentication. The endpoint was designed as an AJAX polling helper for the authenticated invoice.php page...

3.7CVSS0.00019EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2025/12/14 3:2 a.m.1 views

CVE-2025-14643 code-projects Simple Attendance Record System check.php sql injection

A vulnerability was found in code-projects Simple Attendance Record System 2.0. The affected element is an unknown function of the file /check.php. Performing manipulation of the argument student results in sql injection. Remote exploitation of the attack is possible. The exploit has been made...

7.5CVSS6.5AI score0.00028EPSS
Exploits1References5
OSV
OSVadded 2024/01/09 9:15 p.m.1 views

CVE-2024-0344

A vulnerability, which was classified as critical, has been found in soxft TimeMail up to 1.1. Affected by this issue is some unknown functionality of the file check.php. The manipulation of the argument c leads to sql injection. The exploit has been disclosed to the public and may be used. The...

9.8CVSS5.5AI score0.00073EPSS
Exploits0References3
OSV
OSVadded 2018/09/17 6:29 a.m.1 views

CVE-2018-17136

zzcms 8.3 contains a SQL Injection vulnerability in /user/check.php via a Client-Ip HTTP header...

9.8CVSS5.8AI score
Exploits0References1
CNVD
CNVDadded 2017/09/25 12:0 a.m.3 views

Reflected Cross-Site Scripting Vulnerability in MetInfo's login_check.php Page

MetInfo is a Content Management System CMS developed using PHP and Mysql. A reflective cross-site scripting vulnerability exists in the logincheck.php page in MetInfo version 5.3.18. An attacker can construct XSS statements and perform pop-up box operations to obtain user cookies and other...

5.8AI score
Exploits0
Rows per page
Query Builder