Lucene search

8 matches found

EUVD
added 2026/05/15 7:46 a.m., 3 views

EUVD-2026-30513

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 3.28.36. This is due to insufficient authorization checks in the role field update mechanism combined with overly permissive capabilities for the adminform post type. The...

CVSS 8.8 | AI score 5.7 | EPSS 0.00126
Exploits: 0 | References: 5
NVD
added 2026/03/31 1:16 a.m., 4 views

CVE-2026-30878

baserCMS is a website development framework. Prior to version 5.2.3, a public mail submission API allows unauthenticated users to submit mail form entries even when the corresponding form is not accepting submissions. This bypasses administrative controls intended to stop form intake and enables...

CVSS 5.3 | EPSS 0.0002
Exploits: 1 | References: 3
CNNVD
added 2026/03/31 12:0 a.m., 2 views

baserCMS Security Vulnerability

BaserCMS is a corporate-level content management system (CMS) developed by the baserCMS team. Versions of BaserCMS prior to 5.2.3 contained security vulnerabilities. These vulnerabilities stemmed from defects in the public email submission API, which could allow for bypassing management controls an...

CVSS 5.3 | AI score 5.8 | EPSS 0.0002
Exploits: 1 | References: 3
Positive Technologies
added 2025/12/09 12:0 a.m., 2 views

PT-2025-50249

Name of the Vulnerable Software and Affected Versions: Selea Targa IP OCR-ANPR Camera (affected versions not specified). Description: The Selea Targa IP OCR-ANPR Camera is subject to a cross-site request forgery condition. This allows attackers to create administrative users without requiring...

CVSS 8.5 | AI score 6.3 | EPSS 0.00079
Exploits: 1 | References: 7
The Hacker News
added 2022/04/28 10:39 a.m., 41 views

Cybercriminals Using New Malware Loader 'Bumblebee' in the Wild

Cybercriminal actors previously observed delivering BazaLoader and IcedID as part of their malware campaigns are said to have transitioned to a new loader called Bumblebee that's under active development. "Based on the timing of its appearance in the threat landscape and use by multiple...

AI score 7.2
Exploits: 0
Microsoft Secure
added 2021/04/09 4:31 p.m., 49 views

Investigating a unique “form” of email delivery for IcedID malware

Microsoft threat analysts have been tracking activity where contact forms published on websites are abused to deliver malicious links to enterprises using emails with fake legal threats. The emails instruct recipients to click a link to review supposed evidence behind their allegations, but are...

AI score 0.5
Exploits: 0
OSV
added 2018/08/06 3:29 p.m., 1 views

CVE-2018-14978

An issue was discovered in QCMS 3.0.1. CSRF exists via the backend/user/admin/add.html URI...

CVSS 8.8 | AI score 5.8 | EPSS 0.00138
Exploits: 1 | References: 1
securityvulns
added 2005/02/20 12:0 a.m., 19 views

BizMail 2.1 Spam Exploit

Greetings all, Over the course of the last few months I've been the victim of repeated abuses of a web-based form commonly used for customer requests. This form can be downloaded here : http://www.bizmailform.com This form allowed a hacker to directly call the cgi, forge a referer url, and, with...

AI score 6.7
Exploits: 0