Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

30 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2007-4899

Malware in sbrugna...

7.5CVSS6.4AI score0.01622EPSS
Exploits1References9
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2008-6998

Malware in sbrugna...

4.3CVSS6.4AI score0.01033EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2008-3661

Malware in sbrugna...

5CVSS6.4AI score0.0292EPSS
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/08/14 6:52 p.m.3 views

Malicious code in gelato-framework (npm)

The package gelato-framework was found to contain malicious code...

7AI score
Exploits0
OSV
OSVadded 2025/08/14 6:52 p.m.2 views

MAL-2025-21254 Malicious code in gelato-framework (npm)

The package gelato-framework was found to contain malicious code...

7.2AI score
Exploits0
Openbugbounty
Openbugbountyadded 2022/03/23 4:3 p.m.11 views

sugarfree-gelato.com Cross Site Scripting vulnerability OBB-2443260

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.22 views

Gelato (index.php post) Remote SQL Injection Exploit

No description provided by source. ? Gelato SQL Injection exploit Dork: powered by gelato cms Homepage: http://gelatocms.com s 0 c r a t e x msn: s0cratexatnasadotgov greetz: D.O.M and plexinium team inisetmaxexecutiontime,0; function gettext $in = fopenphp://stdin, 'r'; $text = fgets$in, 1024;...

7.1AI score
Exploits0
NVD
NVDadded 2009/08/24 10:30 a.m.15 views

CVE-2008-7039

Cross-site scripting XSS vulnerability in admin/comments.php in Gelato CMS 0.95 allows remote attackers to inject arbitrary web script or HTML via the content parameter in a comment. NOTE: some of these details are obtained from third party information...

4.3CVSS5.7AI score0.01033EPSS
Exploits0References4
Prion
Prionadded 2009/08/24 10:30 a.m.8 views

Cross site scripting

Cross-site scripting XSS vulnerability in admin/comments.php in Gelato CMS 0.95 allows remote attackers to inject arbitrary web script or HTML via the content parameter in a comment. NOTE: some of these details are obtained from third party information...

4.3CVSS6.2AI score0.01033EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2009/08/24 10:0 a.m.18 views

CVE-2008-7039

Cross-site scripting XSS vulnerability in admin/comments.php in Gelato CMS 0.95 allows remote attackers to inject arbitrary web script or HTML via the content parameter in a comment. NOTE: some of these details are obtained from third party information...

5.7AI score0.01033EPSS
Exploits0References4
CVE
CVEadded 2009/08/24 10:0 a.m.43 views

CVE-2008-7039

CVE-2008-7039 concerns Gelato CMS 0.95, where an XSS flaw exists in admin/comments.php via the comment content parameter. The vulnerability allows remote attackers to inject arbitrary web script or HTML when processing a comment, per the NVD description. The linked connected records corroborate t...

4.3CVSS5.8AI score0.01033EPSS
Exploits0References4Affected Software1
NVD
NVDadded 2008/08/14 7:41 p.m.13 views

CVE-2008-3675

Directory traversal vulnerability in classes/imgsize.php in Gelato 0.95 allows remote attackers to read arbitrary files via 1 a .. dot dot and possibly 2 a full pathname in the img parameter. NOTE: some of these details are obtained from third party information...

5CVSS6.8AI score0.0292EPSS
Exploits0References5
Prion
Prionadded 2008/08/14 7:41 p.m.10 views

Directory traversal

Directory traversal vulnerability in classes/imgsize.php in Gelato 0.95 allows remote attackers to read arbitrary files via 1 a .. dot dot and possibly 2 a full pathname in the img parameter. NOTE: some of these details are obtained from third party information...

5CVSS7.3AI score0.0292EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2008/08/14 7:0 p.m.16 views

CVE-2008-3675

Directory traversal vulnerability in classes/imgsize.php in Gelato 0.95 allows remote attackers to read arbitrary files via 1 a .. dot dot and possibly 2 a full pathname in the img parameter. NOTE: some of these details are obtained from third party information...

6.8AI score0.0292EPSS
Exploits0References5
CVE
CVEadded 2008/08/14 7:0 p.m.39 views

CVE-2008-3675

The CVE-2008-3675 entry concerns a directory traversal in Gelato 0.95. Affected component: classes/imgsize.php (Gelato 0.95). Vulnerable input: the img parameter, where attackers can supply ../ or full pathnames to read arbitrary files on the server. Impact is read access to arbitrary local files...

5CVSS6.8AI score0.0292EPSS
Exploits0References5Affected Software1
0day.today
0day.todayadded 2008/08/13 12:0 a.m.20 views

gelato CMS 0.95 (img) Remote File Disclosure Vulnerability

Exploit for unknown platform in category web applications ========================================================== gelato CMS 0.95 img Remote File Disclosure Vulnerability ========================================================== =---------------------------------------------= = ,.:oO0^-^0Oo:....

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2008/08/13 12:0 a.m.16 views

gelato CMS 0.95 (img) Remote File Disclosure Vulnerability

No description provided by source. =---------------------------------------------= = ,.:oO0^-^0Oo:., = = JIKO = = '':0Oov-voO0:'' = =---------------------------------------------= ----------------------=JIKO=------------------- | Autor : jiko | Home : WwW.No-Exploit.CoM | Script : gelato CMS | Bu...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2008/08/13 12:0 a.m.25 views

gelatocms-disclose.txt

=---------------------------------------------= = ,.:oO0^-^0Oo:., = = JIKO = = '':0Oov-voO0:'' = =---------------------------------------------= ----------------------=JIKO=------------------- | Autor : jiko | Home : WwW.No-Exploit.CoM | Script : gelato CMS | Bug : Remote File Disclosure...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2008/08/13 12:0 a.m.10 views

gelato CMS 0.95 - img Remote File Disclosure

gelato CMS 0.95 - img Remote File Disclosure =---------------------------------------------= = ,.:oO0^-^0Oo:., = = JIKO = = '':0Oov-voO0:'' = =---------------------------------------------= ----------------------=JIKO=------------------- | Autor : jiko | Home : WwW.No-Exploit.CoM | Script : gelat...

7.5AI score
Exploits0
Exploit DB
Exploit DBadded 2008/08/13 12:0 a.m.31 views

gelato CMS 0.95 - 'img' Remote File Disclosure

=---------------------------------------------= = ,.:oO0^-^0Oo:., = = JIKO = = '':0Oov-voO0:'' = =---------------------------------------------= ----------------------=JIKO=------------------- | Autor : jiko | Home : WwW.No-Exploit.CoM | Script : gelato CMS | Bug : Remote File Disclosure...

7AI score
Exploits0
Rows per page
Query Builder