10 matches found
EUVD-2016-10218
Malware in sbrugna...
EUVD-2023-49534
Malicious code in bioql PyPI...
CVE-2021-29452
a12n-server is an npm package which aims to provide a simple authentication system. A new HAL-Form was added to allow editing users in version 0.18.0. This feature should only have been accessible to admins. Unfortunately, privileges were incorrectly checked allowing any logged in user to make th...
Able to edit users owned by other administration users
Description: Exploiting a vulnerability 'Take ownership' of any user, thereby being able to edit all users. Proof of Concept: Step 1: We have user1 owned by admin1. Step 2: By doing the 'Take ownership' action, the user1 is now owned by admin2. Step 3: Now, admin2 is able to edit user1, and ev...
XWiki Platform injection vulnerability
XWiki Platform is a suite of Wiki platforms for creating Web collaboration applications from the French company XWiki. XWiki Platform suffers from an injection vulnerability that stems from the fact that any user with editing privileges to any document, e.g., their own user profile, can execute cod...
CVE-2022-42001
Cross-site Scripting (XSS) vulnerability in the BlueSpiceBookshelf extension of BlueSpice allows a user with a regular account and edit permissions to inject arbitrary HTML into the book navigation...
CVE-2022-23321
A persistent cross-site scripting XSS vulnerability exists on two input fields within the administrative panel when editing users in the XMPie UStore application on version 12.3.7244.0...
CVE-2016-9408
Cross-site scripting XSS vulnerability in the Mod control panel in MyBB aka MyBulletinBoard before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors involving editing users...