Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-59235

Malicious code in bioql PyPI...

4.3CVSS6.2AI score0.00151EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-44861

Malicious code in bioql PyPI...

8CVSS7.8AI score0.01148EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2024-22369

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00055EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 10:32 a.m.2 views

CVE-2024-27113

An unauthenticated Insecure Direct Object Reference IDOR to the database has been found in the SO Planning tool that occurs when the public view setting is enabled. An attacker could use this vulnerability to gain access to the underlying database by exporting it as a CSV file. The vulnerability...

9.8CVSS7.1AI score0.00165EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 11:14 p.m.15 views

CVE-2022-3558

The Import and export users and customers WordPress plugin before 1.20.5 does not properly escape data when exporting it via CSV files...

8CVSS6.8AI score0.00838EPSS
Exploits2References1
Vulnrichment
Vulnrichmentadded 2024/12/19 1:41 p.m.13 views

CVE-2024-9102 phpLDAPadmin: Improper Neutralization of Formula Elements

phpLDAPadmin since at least version 1.2.0 through the latest version 1.2.6.7 allows users to export elements from the LDAP directory into a Comma-Separated Value CSV file, but it does not neutralize special elements that could be interpreted as a command when the file is opened by a spreadsheet...

5CVSS6.3AI score0.00141EPSS
Exploits0References4
Cvelist
Cvelistadded 2024/03/15 7:21 p.m.30 views

CVE-2024-27100 Denial of service via Staff Actions in Discourse

Discourse is an open source platform for community discussion. In affected versions the endpoints for suspending users, silencing users and exporting CSV files weren't enforcing limits on the sizes of the parameters that they accept. This could lead to excessive resource consumption which could...

6.5CVSS6.5AI score0.00089EPSS
Exploits0References2
CVE
CVEadded 2024/01/11 8:32 a.m.39 views

CVE-2023-7048

CVE-2023-7048 affects the WordPress plugin My Sticky Bar (formerly myStickymenu) up to version 2.6.6. The issue is a Cross-Site Request Forgery caused by missing/incorrect nonce validation in mystickymenu-contact-leads.php, enabling unauthenticated attackers to trigger a CSV export containing con...

4.3CVSS4.6AI score0.00151EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2024/01/11 8:32 a.m.5 views

CVE-2023-7048 My Sticky Bar <= 2.6.6 - Cross-Site Request Forgery to Sensitive Information Exposure

The My Sticky Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.6. This is due to missing or incorrect nonce validation in mystickymenu-contact-leads.php. This makes it possible for unauthenticated attackers to trigger the export of a C...

3.1CVSS6.5AI score0.00151EPSS
Exploits0References2
Rows per page
Query Builder