Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

ATTACKERKB
ATTACKERKBadded 2026/04/08 8:30 a.m.3 views

CVE-2026-39588

Missing Authorization vulnerability in nmerii NM Gift Registry and Wishlist Lite nm-gift-registry-and-wishlist-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NM Gift Registry and Wishlist Lite: from n/a through = 5.13...

5.9AI score0.0004EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/05/15 7:33 p.m.10 views

CVE-2025-47786 Emlog vulnerable to Stored Cross-site Scripting

Emlog is an open source website building system. Version 2.5.13 has a stored cross-site scripting vulnerability that allows any registered user to construct malicious JavaScript, inducing all website users to click. In /admin/comment.php, the parameter perpagenum is not validated and is directly...

4.8CVSS0.0014EPSS
Exploits1References1
CVE
CVEadded 2025/05/15 7:33 p.m.35 views

CVE-2025-47786

CVE-2025-47786 affects Emlog 2.5.13. The vulnerability is a stored cross-site scripting issue in /admin/comment.php where the unvalidated parameter perpage_num is stored in the database (admin_commend_perpage_num) and the output is not filtered, allowing a registered user to inject JavaScript tha...

4.8CVSS5.7AI score0.0014EPSS
Exploits1References1Affected Software1
OSV
OSVadded 2025/01/06 5:15 p.m.2 views

DEBIAN-CVE-2025-21613

go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...

9.8CVSS7.1AI score0.03834EPSS
Exploits0References1
OSV
OSVadded 2023/11/28 5:15 a.m.4 views

CVE-2023-6225

The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sumeta shortcode combined with post meta data in all versions up to, and including, 5.13.3 due to insufficient input sanitization and output escaping on user supplied...

5.4CVSS5.9AI score
Exploits0References3
OSV
OSVadded 2023/04/06 5:15 p.m.2 views

CVE-2023-0580

Insecure Storage of Sensitive Information vulnerability in ABB My Control System on-premise allows an attacker who successfully exploited this vulnerability to gain access to the secure application data or take control of the application. Of the services that make up the My Control System...

9.8CVSS7.3AI score
Exploits0References1
OSV
OSVadded 2022/07/16 7:15 a.m.3 views

CVE-2017-20134

A vulnerability, which was classified as critical, has been found in Itech Freelancer Script 5.13. Affected by this issue is some unknown functionality of the file /category.php. The manipulation of the argument sk leads to sql injection. The attack may be launched remotely. The exploit has been...

9.8CVSS5.7AI score0.0031EPSS
Exploits1References2
CNVD
CNVDadded 2019/10/11 12:0 a.m.2 views

WordPress addthis plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. addthis is a social sharing button plugin used in it. A cross-site scripting vulnerability exists in WordPress addthis plugin versions...

4.8CVSS6.2AI score0.00255EPSS
Exploits0References1
Rows per page
Query Builder