Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

OSV
OSVadded 2025/02/27 5:15 a.m.4 views

CVE-2024-13905

The OneStore Sites plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 0.1.1 via the class-export.php file. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and...

9.1CVSS5.8AI score0.00334EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2023/11/08 12:0 a.m.3 views

PT-2023-7017 · Comodo · Itop

Name of the Vulnerable Software and Affected Versions: Combodo iTop version 3.1.0-2-11973 Description: The issue is related to a CSV injection in the export as CSV feature, allowing a local attacker to execute arbitrary code via a crafted script to the export-v2.php and ajax.render.php components...

7.8CVSS7.8AI score0.00115EPSS
Exploits0References9
OSV
OSVadded 2020/03/12 2:15 p.m.0 views

CVE-2020-10390

OS Command Injection in export.php vulnerable function called from include/functions-article.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by saving the code to be executed as the wkhtmltopdf path via admin/save-settings.php...

7.2CVSS7.2AI score0.047EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2020/03/12 12:0 a.m.2 views

PT-2020-12060 · Wkhtmltopdf +1 · Wkhtmltopdf +1

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows remote attackers to achieve code execution by saving the code to be executed as the wkhtmltopdf path via the admin/save-settings.php endpoint. This is made possible...

7.2CVSS7.4AI score0.047EPSS
Exploits1References3
CNVD
CNVDadded 2019/03/26 12:0 a.m.1 views

LimeSurvey Access Control Error Vulnerability

LimeSurvey formerly known as PHPSurveyor is a set of open source online questionnaire survey program from the LimeSurvey team, which supports survey program development, questionnaire distribution, and data collection. A security vulnerability exists in the 'downloadZip' function of the...

9.8CVSS6.8AI score0.70082EPSS
Exploits2References1
OSV
OSVadded 2019/02/04 7:29 p.m.1 views

DEBIAN-CVE-2019-7334

Reflected Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Exportfile' parameter value in the view export export.php because proper filtration is omitted...

6.1CVSS8.2AI score0.0024EPSS
Exploits1References1
OSV
OSVadded 2004/03/03 5:0 a.m.1 views

DEBIAN-CVE-2004-0129

Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. dot dot sequences in the what parameter...

5CVSS6.6AI score0.13292EPSS
Exploits1References1
Packet Storm
Packet Stormadded 2004/02/03 12:0 a.m.21 views

phpMyAdmin255pl1.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Arbitrary File Disclosure Vulnerability in phpMyAdmin 2.5.5-pl1 and prior Summary : phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the WWW. There is a vulnerability in the current stable version of phpMyAdmin...

7.4AI score
Exploits0
Rows per page
Query Builder