SEH utnserver Pro 20.1.22 Cross Site Scripting
St. Pölten UAS 20241118-0. title: Multiple Stored Cross-Site Scripting product: SEH utnserver Pro vulnerable version: 20.1.22 fixed version: 20.1.35 CVE number: CVE-2024-11304 impact: High homepage:...
wohnpark-roemerkessel.de Improper Access Control vulnerability OBB-3767945
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
openVIVA c2 20220101 Cross Site Scripting
SEC Consult Vulnerability Lab Security Advisory. title: Stored Cross-Site Scripting product: mb Support broker management solution openVIVA c2 vulnerable version: 20220801 CVE number: CVE-2022-39172 impact: Medium homepage:...
B&R Systems Diagnostics Manager Cross Site Scripting
SEC Consult Vulnerability Lab Security Advisory. title: Multiple XSS Vulnerabilities product: B&R Systems Diagnostics Manager vulnerable version: =3.00 and =D4.93 CVE number: CVE-2022-4286 impact: medium homepage:...
Miele Benchmark Programming Tool 1.1.49 / 1.2.71 Privilege Escalation
SEC Consult Vulnerability Lab Security Advisory. title: Privilege Escalation product: Miele Benchmark Programming Tool vulnerable version: at least 1.1.49 and 1.2.71 fixed version: 1.2.72 CVE number: CVE-2022-22521 impact:...
flatCore CMS 1.5.5 Cross Site Scripting / Arbitrary File Upload Vulnerabilities
Exploit for php platform in category web applications title: Multiple Vulnerabilities product: flatCore CMS vulnerable version: =1.5.5 fixed version: 1.5.7 CVE number: - impact: High homepage: https://flatcore.org/ found: 2020-03-28 by: Farhan Rahman Office Malaysia Azrul Ikhwan Zulkifli Office...
suprawheel.com Cross Site Scripting vulnerability OBB-1233688
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
We-Com OpenData CMS 2.0 SQL Injection
Exploit Title: We-com OpenData CMS 2.0 Authentication Bypass / SQL Injection Google Dork: N/A Date: 2020-04-17 Exploit Author: @ThelastVvV Vendor Homepage: https://www.we-com.it/ Version: 2.0 Tested on: 5.5.0-kali1-amd64 Vendor contact...
Creative Contact Form 4.6.2 Directory Traversal Vulnerability
Creative Contact Form version 4.6.2 before Dec 03 2019 suffers from a directory traversal vulnerability. Directory Traversal in Creative Contact Form Overview Identifier: AIT-SA-20200301-01 Target: Creative Contact Form for Joomla Vendor: Creative Solutions Version: 4.6.2 before Dec 03 2019 CVE:...
ZOHO ManageEngine ServiceDeskPlus 11.0 Build 11007 Cross Site Scripting
SEC Consult Vulnerability Lab Security Advisory. title: Reflected XSS product: ZOHO ManageEngine ServiceDeskPlus vulnerable version: = 11.0 Build 11007 fixed version: 11.0 Build 11010 CVE number: CVE-2020-6843 impact: medium...
LimeSurvey 3.17.13 - Cross-Site Scripting
SEC Consult Vulnerability Lab Security Advisory. title: Stored and reflected XSS vulnerabilities product: LimeSurvey vulnerable version: 3.17.14 CVE number: CVE-2019-16172, CVE-2019-16173 impact: medium homepage:...
LimeSurvey 3.17.13 Cross Site Scripting
SEC Consult Vulnerability Lab Security Advisory. title: Stored and reflected XSS vulnerabilities product: LimeSurvey vulnerable version: 3.17.14 CVE number: CVE-2019-16172, CVE-2019-16173 impact: medium homepage:...
CA AWI 12.0 / 12.1 / 12.2 Cross Site Scripting
SEC Consult Vulnerability Lab Security Advisory. title: Cross-site scripting product: CA Automic Workload Automation Web Interface AWI formerly Automic Automation Engine, UC4 vulnerable version: 12.0, 12.1, 12.2 fixed version:...
Moodle 3.x PHP Unserialize Remote Code Execution Exploit
Exploit for php platform in category web applications. title: Remote Code Execution via PHP unserialize product: Moodle - Open-source learning platform vulnerable version: 3.5 to 3.5.1, 3.4 to 3.4.4, 3.1 to 3.1.13 and earlier...
MyBiz MyProcureNet 5.0.0 File Upload / Cross Site Scripting Vulnerabilities
MyBiz MyProcureNet version 5.0.0 suffers from remote file upload and cross site scripting vulnerabilities. title: Arbitrary File Upload & Cross-site scripting product: MyBiz MyProcureNet vulnerable version: 5.0.0 fixed version: unknown CVE number: - impact: Critical homepage: http://www.mybiz.net...
hik-connect.com / ezvizlife.com Authentication Bypass
There is a full write up of this bug here: https://medium.com/@evstykas/hackvision-8f50924e56d Vulnerability Security Advisory. title: No validation on cookie values product: hik-connect.com and ezvizlife.com vulnerable versio...
Navarino Infinity Blind SQL Injection / Session Fixation
There is also a blog post about that on: https://medium.com/@evstykas/pwning-ships-vsat-for-fun-and-profit-ba0fe9f42fb3 Vulnerability Security Advisory. title: Multiple vulnerabilities product: All Navarino infinity products...
SolarWinds Network Performance Monitor 12.0.15300.90 Cross Site Scripting
Vulnerability type: Persistent Cross-Site Scripting. Credit: Andy Tan. CVE ID: CVE-2017-9537. Product: SolarWinds Network...
VLC Media Player iOS App 2.7.8 File Disclosure Vulnerability
VLC Media Player iOS application version 2.7.8 suffers from a file disclosure vulnerability. title: Local File Disclosure product: VLC media player iOS app vulnerable version: 2.7.8 fixed version: 2.8.1 CVE number: - impact: Medium homepage:...
SOL.Connect ISET-mpp meter 1.2.4.2 - SQL Injection
SOL.Connect ISET-mpp meter 1.2.4.2 - SQL Injection Vulnerability type: SQL injection, leading to administrative access through authentication bypass. Product: SOL.Connect ISET-mpp meter. Affected version: SOL.Connect ISET-mpp...