7 matches found
EUVD-2025-203019
SQL Injection vulnerability exists in GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and GroupSession ZION prior to ver5.3.2. If exploited, information stored in the database may be obtained or altered by an authenticated user...
PT-2025-50877
SQL Injection vulnerability exists in GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and GroupSession ZION prior to ver5.3.2. If exploited, information stored in the database may be obtained or altered by an authenticated user...
PT-2025-50875
In GroupSession, a Circular notice can be created with its memo field non-editable, but the authorization check is improperly implemented. With some crafted request, a logged-in user may alter the memo field. The affected products and versions are GroupSession Free edition prior to ver5.3.0,...
Multiple stored cross-site scripting vulnerabilities in Movable Type
Overview: Movable Type provided by Six Apart Ltd. contains multiple stored cross-site scripting vulnerabilities listed below. Stored cross-site scripting vulnerability in Edit ContentData page (CWE-79, CVE-2025-54856). Stored cross-site scripting vulnerability in Edit CategorySet of ContentType page...
JVN#76729865: Multiple vulnerabilities in Movable Type
Movable Type provided by Six Apart Ltd. contains multiple vulnerabilities listed below. Use of less trusted source (CWE-348): CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Base Score 6.9; CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Base Score 5.3; CVE-2025-53522. Open...
SAP Enable Now Manager 10.6.5 Build 2804 Cloud Edition CSRF / XSS / Redirect
SEC Consult Vulnerability Lab Security Advisory. title: Multiple Vulnerabilities; product: SAP® Enable Now Manager; vulnerable version: 10.6.5 Build 2804 Cloud Edition; fixed version: May 2023 Release; CVE number: N/A; cloud impact...
Alcatel-Lucent Enterprise 8008 Cloud Edition Deskphone VoIP Command Injection Vulnerability
ALE 8008 Cloud Edition Deskphone VoIP is a cloud edition desktop IP phone from ALE France. A command injection vulnerability exists in the password change field of the password change screen in the Alcatel-Lucent Enterprise ALE 8008 Cloud Edition Deskphone VoIP with firmware version 1.50.13, whic...