Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-10356

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.01677EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2025/04/09 2:19 a.m.7 views

CVE-2025-28407

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the edit method of the /edit/dictId endpoint does not properly validate whether the requesting user has permission to modify the specified dictId...

8.8CVSS7.4AI score0.01677EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2025/04/07 12:0 a.m.2 views

PT-2025-15238 · Ruoyi · Ruoyi

Name of the Vulnerable Software and Affected Versions: RUoYi version 4.8.0 Description: An issue in RUoYi allows a remote attacker to escalate privileges via the postID parameter in the edit method. Recommendations: For RUoYi version 4.8.0, consider disabling the edit method until a patch is...

6.7CVSS7.3AI score0.0072EPSS
Exploits1References9
CVE
CVEadded 2025/04/07 12:0 a.m.41 views

CVE-2025-28400

CVE-2025-28400 affects RUoYi v4.8.0. A remote attacker can escalate privileges via the postID parameter in the edit method. Documented impact includes elevated privileges; CVSSv3.1 base score 6.7 (Medium). No explicit exploit details are provided in the connected documents. Remediation details ar...

6.7CVSS7.2AI score0.0072EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologiesadded 2025/04/07 12:0 a.m.4 views

PT-2025-15247 · Ruoyi · Ruoyi

Name of the Vulnerable Software and Affected Versions: RUoYi version 4.8.0 Description: An issue in RUoYi allows a remote attacker to escalate privileges via the edit method of the "/edit/dictId" endpoint, which does not properly validate whether the requesting user has permission to modify the...

8.8CVSS6.4AI score0.01677EPSS
Exploits1References8
Vulnrichment
Vulnrichmentadded 2025/04/07 12:0 a.m.10 views

CVE-2025-28407

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the edit method of the /edit/dictId endpoint does not properly validate whether the requesting user has permission to modify the specified dictId...

7.3AI score0.01677EPSS
Exploits1References2
CNNVD
CNNVDadded 2025/04/07 12:0 a.m.1 views

RuoYi 安全漏洞

RuoYi is a backend management system for individual developers of RuoYi in China. A security vulnerability exists in RuoYi v.4.8.0, which stems from the edit method not properly verifying the privileges of the requesting user, which could result in modifying the specified dictId...

8.8CVSS6.6AI score0.01677EPSS
Exploits1References2
Snyk
Snykadded 2024/10/25 9:31 p.m.1 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the edit method in controller\Table.php file. An attacker can manipulate SQL queries and access or modify data in the database. Remediation There is no fixed version for funadmin/funadmin. References - GitHub Issue...

9.8CVSS7.9AI score0.00188EPSS
Exploits1References2
CNVD
CNVDadded 2017/08/22 12:0 a.m.1 views

EBCMS v1.8.2 SQL Injection Vulnerability in edit,channel,status and delete Methods

EBCMS short for EBCMS is a modular plug-in website management system based on PHP+Mysql. EBCMS v1.8.2 SQL injection vulnerability exists in the edit,channel,status and delete methods. The vulnerability is due to the system id parameter does not filter the data submitted by the user , a remote...

7.7AI score
Exploits0
Rows per page
Query Builder