Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

24 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2017-8896

Malware in sbrugna...

6.1CVSS6.2AI score0.00209EPSS
Exploits3References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2009-4731

Malware in sbrugna...

9.3CVSS6.4AI score0.02464EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2025/05/23 10:38 a.m.6 views

CVE-2024-47528

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Stored Cross-Site Scripting XSS can be achieved by uploading a new Background for a Custom Map. Users with "admin" role can set background for a custom map, this allow the upload of SVG file that can contain XSS payload...

4.8CVSS5.2AI score0.00406EPSS
Exploits1
CISA KEV Catalog
CISA KEV Catalogadded 2024/11/12 12:0 a.m.13 views

Metabase GeoJSON API Local File Inclusion Vulnerability

Metabase contains a local file inclusion vulnerability in the custom map support in the API to read GeoJSON formatted data...

10CVSS6.5AI score0.94353EPSS
In wildExploits5
OSV
OSVadded 2024/10/01 10:27 p.m.10 views

GHSA-X8GM-J36P-FPPF LibreNMS vulnerable to Stored Cross-site Scripting via File Upload

Summary Stored Cross-Site Scripting XSS can archive via Uploading a new Background for a Custom Map. Details Users with "admin" role can set background for a custom map, this allow the upload of SVG file that can contain XSS payload which will trigger onload. This led to Stored Cross-Site Scripti...

4.8CVSS4.9AI score0.00406EPSS
Exploits1References4
Github Security Blog
Github Security Blogadded 2024/10/01 10:27 p.m.21 views

LibreNMS vulnerable to Stored Cross-site Scripting via File Upload

Summary Stored Cross-Site Scripting XSS can archive via Uploading a new Background for a Custom Map. Details Users with "admin" role can set background for a custom map, this allow the upload of SVG file that can contain XSS payload which will trigger onload. This led to Stored Cross-Site Scripti...

4.8CVSS5.3AI score0.00406EPSS
Exploits1References4Affected Software1
NVD
NVDadded 2024/06/29 5:15 p.m.12 views

CVE-2024-39840

Factorio before 1.1.101 allows a crafted server to execute arbitrary code on clients via a custom map that leverages the ability of certain Lua base module functions to execute bytecode and generate fake objects...

8.8CVSS0.00151EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/06/29 12:0 a.m.14 views

CVE-2024-39840

Factorio before 1.1.101 allows a crafted server to execute arbitrary code on clients via a custom map that leverages the ability of certain Lua base module functions to execute bytecode and generate fake objects...

7.7AI score0.00151EPSS
Exploits0References2
CVE
CVEadded 2024/06/29 12:0 a.m.92 views

CVE-2024-39840

Factorio before 1.1.101 is affected. A crafted server map can trigger arbitrary code execution on clients by abusing certain Lua base module functions to execute bytecode and create fake objects. Affected component: Factorio server/client interaction via custom maps; root cause: Lua base module f...

8.8CVSS7.5AI score0.00151EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2024/06/29 12:0 a.m.3 views

PT-2024-28696 · Factorio · Factorio

Name of the Vulnerable Software and Affected Versions: Factorio versions prior to 1.1.101 Description: The issue allows a crafted server to execute arbitrary code on clients via a custom map. This is achieved by leveraging the ability of certain Lua base module functions to execute bytecode and...

8.8CVSS8.1AI score0.00151EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEVadded 2022/05/31 12:0 a.m.0 views

VulnCheck KEV: CVE-2021-41277

Metabase contains a local file inclusion vulnerability in the custom map support in the API to read GeoJSON formatted data...

10CVSS7.3AI score0.94353EPSS
Exploits5References1
Hacker One
Hacker Oneadded 2018/05/13 12:57 a.m.61 views

Valve: Malformed .BSP Access Violation in CS:GO can lead to Remote Code Execution

A malformed .BSP can trigger an Access Violation on CS:GO that can lead to arbitrary code execution on a remote computer. I have attached a copy of the malformed .BSP which reliably triggers an Access Violation on CS:GO. Impact An attacker hosting a malicious server could compromise a remote clie...

4AI score
Exploits0
CNVD
CNVDadded 2017/12/20 12:0 a.m.3 views

WordPress custom-map plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . custom-map plugin is used in one of the custom map plugin . A cross-site scripting vulnerability exists in WordPres...

6.1CVSS6.1AI score0.00209EPSS
Exploits3References1
Packet Storm
Packet Stormadded 2017/12/20 12:0 a.m.76 views

WordPress Custom Map 1.1 Cross Site Scripting

Product: Custom Map WordPress Plugin - https://wordpress.org/plugins/custom-map/ Vendor: webdesi9 Tested version: 1.1 CVE ID: CVE-2017-17744 CVE description A cross-site scripting XSS vulnerability in the custom-map plugin through 1.1 for WordPress allows remote attackers to inject arbitrary web...

0.00209EPSS
Exploits3
Patchstack
Patchstackadded 2017/12/20 12:0 a.m.15 views

WordPress Custom Map plugin <=1.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability found by Nicolas Buzy-Debat in WordPress Custom Map plugin versions =1.1. Solution Dec 20, 2017 - we were unable to find a patched version of this plugin. Uninstall or use it at your own risk...

6.1CVSS1.6AI score0.00209EPSS
Exploits3References1Affected Software1
0day.today
0day.todayadded 2017/12/20 12:0 a.m.34 views

WordPress Custom Map 1.1 Cross Site Scripting Vulnerability

WordPress Custom Map plugin version 1.1 suffers from a cross site scripting vulnerability. Product: Custom Map WordPress Plugin - https://wordpress.org/plugins/custom-map/ Vendor: webdesi9 Tested version: 1.1 CVE ID: CVE-2017-17744 CVE description A cross-site scripting XSS vulnerability in the...

4.3CVSS6.2AI score0.00209EPSS
Exploits3
Prion
Prionadded 2017/12/19 8:29 p.m.14 views

Cross site scripting

A cross-site scripting XSS vulnerability in the custom-map plugin through 1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the mapid parameter to view/advancedsettings.php...

4.3CVSS6AI score0.00209EPSS
Exploits3References2Affected Software1
OSV
OSVadded 2017/12/19 8:29 p.m.0 views

CVE-2017-17744

A cross-site scripting XSS vulnerability in the custom-map plugin through 1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the mapid parameter to view/advancedsettings.php...

6.1CVSS5.8AI score
Exploits0References2
Cvelist
Cvelistadded 2017/12/19 8:0 p.m.15 views

CVE-2017-17744

A cross-site scripting XSS vulnerability in the custom-map plugin through 1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the mapid parameter to view/advancedsettings.php...

6.1AI score0.00209EPSS
Exploits3References2
CVE
CVEadded 2017/12/19 8:0 p.m.48 views

CVE-2017-17744

The CVE-2017-17744 entry concerns the WordPress Custom Map plugin (

6.1CVSS6AI score0.00209EPSS
Exploits3References2Affected Software1
Rows per page
Query Builder