
8 matches found

CVE
added 2026/04/23 11:54 p.m. · 6 views

CVE-2026-27843

SenseLive X3050 is affected by CVE-2026-27843, where the web management interface permits modification of critical configuration parameters without sufficient authentication or server-side validation. By feeding unsupported or disruptive values to recovery mechanisms and network settings, an atta...

CVSS 9.2 · AI score 5.7 · EPSS 0.0011
Exploits 0 · References 3 · Affected Software 1
Positive Technologies
added 2026/04/23 12:0 a.m. · 3 views

PT-2026-34802

A vulnerability exists in SenseLive X3050's web management interface that allows critical configuration parameters to be modified without sufficient authentication or server-side validation. By applying unsupported or disruptive values to recovery mechanisms and network settings, an attacker can...

CVSS 9.2 · AI score 5.7 · EPSS 0.0011
Exploits 0 · References 5
OSV
added 2023/08/24 12:53 p.m. · 10 views

GHSA-Q4PP-J36H-3GQG Minimal `basti` IAM Policy Allows Shell Access

Summary: The provided Minimal IAM Policy for basti connect does not include ssm:SessionDocumentAccessCheck. This results in the ability to get a shell session on the bastion, not just the intended access for Port Forwarding. Details: basti connect is designed to "securely connect to your...

AI score 7
Exploits 0 · References 3
NVD
added 2022/10/31 9:15 p.m. · 9 views

CVE-2022-40296

The application was vulnerable to Server-Side Request Forgery attacks, allowing the backend server to interact with unexpected endpoints, potentially including internal and local services, leading to attacks in other downstream systems...

CVSS 9.8 · EPSS 0.00363
Exploits 0 · References 1
Cvelist
added 2022/10/31 8:7 p.m. · 11 views

CVE-2022-40296 Server-side request forgery (SSRF) in PHP Point of Sale version 19.0, by PHP Point of Sale, LLC.

The application was vulnerable to Server-Side Request Forgery attacks, allowing the backend server to interact with unexpected endpoints, potentially including internal and local services, leading to attacks in other downstream systems...

AI score 9.4 · EPSS 0.00363
Exploits 0 · References 1
CNNVD
added 2022/10/31 12:0 a.m. · 1 views

PHP Point of Sale Code Issue Vulnerability

PHP Point of Sale is an online point of sale system for small retail businesses by PHP Point of Sale, Inc. A security vulnerability exists in PHP Point of Sale LLC version 19.0 that stems from the application's susceptibility to a server-side request forgery attack that allows a back-end server t...

CVSS 9.8 · AI score 8.3 · EPSS 0.00363
Exploits 0 · References 2
Positive Technologies
added 2022/10/31 12:0 a.m. · 2 views

PT-2022-25332 · Php Point Of Sale Llc +1 · Php Point Of Sale

Name of the Vulnerable Software and Affected Versions: Application affected versions not specified. Description: The application is susceptible to Server-Side Request Forgery attacks. This allows the backend server to interact with unexpected...

CVSS 9.8 · AI score 9.1 · EPSS 0.00363
Exploits 0 · References 2
CNNVD
added 2022/02/15 12:0 a.m. · 1 views

ScratchOAuth2 Security Vulnerability

Kenny2github ScratchOAuth2 is an open source application by Kenny2github that verifies that a Scratch account is authentic for authorization or identification purposes. ScratchOAuth2 has a security vulnerability that stems from an authentication problem in ScratchOAuth2's SOA2Login::comment, allowing a...

CVSS 10 · AI score 8.3 · EPSS 0.00433
Exploits 0 · References 2