Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

11 matches found

RedhatCVE
RedhatCVEadded 2025/12/30 1:2 a.m.3 views

CVE-2025-67255

In NagiosXI 2026R1.0.1 build 1762361101, Dashboard parameters lack proper filtering, allowing any authenticated user to exploit a SQL Injection vulnerability...

8.8CVSS7.8AI score0.00461EPSS
Exploits0References1
NVD
NVDadded 2025/12/29 7:15 p.m.3 views

CVE-2025-67255

In NagiosXI 2026R1.0.1 build 1762361101, Dashboard parameters lack proper filtering, allowing any authenticated user to exploit a SQL Injection vulnerability...

8.8CVSS0.00461EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/12/29 12:0 a.m.2 views

CVE-2025-67255

In NagiosXI 2026R1.0.1 build 1762361101, Dashboard parameters lack proper filtering, allowing any authenticated user to exploit a SQL Injection vulnerability...

7.3AI score0.00461EPSS
Exploits0References2
CVE
CVEadded 2025/12/29 12:0 a.m.9 views

CVE-2025-67255

CVE-2025-67255 affects NagiosXI 2026R1.0.1 build 1762361101. The issue is due to dashboard parameters not being properly filtered, enabling an SQL Injection by any authenticated user. The CVSSv3.1 base score is 8.8 (HIGH) with NETWORK attack vector, LOW attack complexity, PRIVILEGES REQUIRED: LOW...

8.8CVSS7.4AI score0.00461EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2025/12/29 12:0 a.m.20 views

CVE-2025-67255

In NagiosXI 2026R1.0.1 build 1762361101, Dashboard parameters lack proper filtering, allowing any authenticated user to exploit a SQL Injection vulnerability...

0.00461EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/12/29 12:0 a.m.3 views

PT-2025-53775

Name of the Vulnerable Software and Affected Versions NagiosXI version 2026R1.0.1 build 1762361101 Description Dashboard parameters in the software do not have sufficient filtering, which allows authenticated users to exploit a SQL Injection issue. The vulnerability allows unauthorized access to...

7.4AI score0.00461EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2017-18314

Malware in sbrugna...

8.8CVSS8.8AI score0.00112EPSS
Exploits1References2
OSV
OSVadded 2024/05/02 3:15 p.m.1 views

CVE-2023-47727

IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.20.0 could allow an authenticated user to modify dashboard parameters due to improper input validation. IBM X-Force ID: 272089...

4.3CVSS5.8AI score
Exploits0References2
Positive Technologies
Positive Technologiesadded 2024/05/02 12:0 a.m.1 views

PT-2024-5311 · Ibm · Ibm Cloud Pak For Security +1

Name of the Vulnerable Software and Affected Versions: IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0 IBM QRadar Suite Software versions 1.10.12.0 through 1.10.20.0 Description: The issue exists due to insufficient input validation, allowing a remote attacker to modify dashboard...

4.3CVSS7AI score0.00045EPSS
Exploits0References12
IBM Security Bulletins
IBM Security Bulletinsadded 2024/05/01 1:12 p.m.25 views

Security Bulletin: IBM QRadar Suite software is vulnerable to injection attacks

Summary IBM QRadar Suite software is vulnerable to injection attacks through dashboard parameters. This has been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version...

4.3CVSS4.9AI score0.00045EPSS
Exploits0Affected Software1
CNVD
CNVDadded 2020/04/21 12:0 a.m.2 views

PrestaShop cross-site scripting vulnerability (CNVD-2020-25939)

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides a variety of payment methods, short message alerts and product image scaling and other features. A cross-site scripting vulnerability exists in the 'datefrom' and 'dateto' parameters...

6.1CVSS6.4AI score0.00218EPSS
Exploits0References1
Rows per page
Query Builder