Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Nuclei
Nucleiadded yesterday16 views

Thinfinity Iframe Injection

A vulnerability exists in Thinfinity VirtualUI in a function located in /lab.html reachable which by default could allow IFRAME injection via the "vpath" parameter. id: CVE-2021-45092 info: name: Thinfinity Iframe Injection author: danielmofer severity: critical description: A vulnerability exist...

9.8CVSS6.6AI score0.81835EPSS
Exploits7References5
Nuclei
Nucleiadded yesterday26 views

Thinfinity VirtualUI User Enumeration

Thinfinity VirtualUI before v3.0, /changePassword returns different responses for requests depending on whether the username exists. It may enumerate OS users Administrator, Guest, etc. id: CVE-2021-44848 info: name: Thinfinity VirtualUI User Enumeration author: danielmofer severity: medium...

5.3CVSS5.9AI score0.61005EPSS
Exploits4References5
Exploit DB
Exploit DBadded 2022/02/21 12:0 a.m.275 views

Thinfinity VirtualUI 2.5.41.0 - IFRAME Injection

Exploit Title: Thinfinity VirtualUI 2.5.41.0 - IFRAME Injection Date: 16/12/2021 Exploit Author: Daniel Morales Vendor: https://www.cybelesoft.com Software Link: https://www.cybelesoft.com/thinfinity/virtualui/ Version: Thinfinity VirtualUI " where "vpath=//" is the pointer to the external site t...

9.8CVSS9.7AI score0.81835EPSS
Exploits3
Exploit DB
Exploit DBadded 2022/02/21 12:0 a.m.267 views

Thinfinity VirtualUI 2.5.26.2 - Information Disclosure

Exploit Title: Thinfinity VirtualUI 2.5.26.2 - Information Disclosure Date: 18/01/2022 Exploit Author: Daniel Morales Vendor: https://www.cybelesoft.com Software Link: https://www.cybelesoft.com/thinfinity/virtualui/ Version vulnerable: Thinfinity VirtualUI ?...

7.5CVSS7.7AI score0.39202EPSS
Exploits3
0day.today
0day.todayadded 2022/02/21 12:0 a.m.266 views

Thinfinity VirtualUI 2.5.41.0 - IFRAME Injection Vulnerability

Exploit Title: Thinfinity VirtualUI 2.5.41.0 - IFRAME Injection Exploit Author: Daniel Morales Vendor: https://www.cybelesoft.com Software Link: https://www.cybelesoft.com/thinfinity/virtualui/ Version: Thinfinity VirtualUI " where "vpath=//" is the pointer to the external site to be iframed...

9.8CVSS0.3AI score0.81835EPSS
Exploits3
0day.today
0day.todayadded 2022/02/21 12:0 a.m.252 views

Thinfinity VirtualUI 2.5.26.2 - Information Disclosure Vulnerability

Exploit Title: Thinfinity VirtualUI 2.5.26.2 - Information Disclosure Exploit Author: Daniel Morales Vendor: https://www.cybelesoft.com Software Link: https://www.cybelesoft.com/thinfinity/virtualui/ Version vulnerable: Thinfinity VirtualUI ? cmd=connect&wscompression=true&destAddr=domain.com...

7.5CVSS7.6AI score0.39202EPSS
Exploits3
Packet Storm
Packet Stormadded 2022/02/21 12:0 a.m.268 views

Thinfinity VirtualUI 2.5.26.2 Information Disclosure

Exploit Title: Thinfinity VirtualUI 2.5.26.2 - Information Disclosure Date: 18/01/2022 Exploit Author: Daniel Morales Vendor: https://www.cybelesoft.com Software Link: https://www.cybelesoft.com/thinfinity/virtualui/ Version vulnerable: Thinfinity VirtualUI ?...

7.5CVSS7.6AI score0.39202EPSS
Exploits3
Rows per page
Query Builder