Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

14 matches found

EUVD
EUVDadded 2026/05/10 3:31 p.m.5 views

EUVD-2022-55985

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/myAuctions/status/loose module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via...

6.1CVSS5.7AI score0.00042EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/01/09 9:53 a.m.6 views

CVE-2020-10879

rConfig before 3.9.5 allows command injection by sending a crafted GET request to lib/crud/search.crud.php since the nodeId parameter is passed directly to the exec function without being escaped...

9.8CVSS7.3AI score0.86178EPSS
Exploits3References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.0 views

EUVD-2020-28780

Malware in sbrugna...

8CVSS7.8AI score0.02892EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2015-8584

Malware in sbrugna...

9.8CVSS9.5AI score0.00203EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2004-2315

Malware in sbrugna...

5CVSS6.4AI score0.00427EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-4264

Malicious code in bioql PyPI...

6.5CVSS6.3AI score0.00106EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/05/23 12:6 a.m.3 views

CVE-2022-25568

MotionEye v0.42.1 and below allows attackers to access sensitive information via a GET request to /config/list. To exploit this vulnerability, a regular user password must be unconfigured...

7.5CVSS6.5AI score0.8531EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 3:20 p.m.9 views

CVE-2020-23151

rConfig 3.9.5 allows command injection by sending a crafted GET request to lib/ajaxHandlers/ajaxArchiveFiles.php since the path parameter is passed directly to the exec function without being escaped...

9.8CVSS7.4AI score0.55598EPSS
Exploits1
Positive Technologies
Positive Technologiesadded 2025/05/20 12:0 a.m.3 views

PT-2025-22136 · Zalo · Zalo

Name of the Vulnerable Software and Affected Versions: Zalo version 23.09.01 Description: The issue allows attackers to obtain sensitive user information via a crafted GET request. Recommendations: For Zalo version 23.09.01, at the moment, there is no information about a newer version that contai...

7.5CVSS5.8AI score0.00333EPSS
Exploits1References5
NVD
NVDadded 2025/05/05 8:15 p.m.6 views

CVE-2025-45611

Incorrect access control in the /user/edit/ component of hope-boot v1.0.0 allows attackers to bypass authentication via a crafted GET request...

9.8CVSS0.00299EPSS
Exploits1References1
exploitpack
exploitpackadded 2004/07/11 12:0 a.m.7 views

clearswift MIMEsweeper for Web 4.05.0 - Directory Traversal

clearswift MIMEsweeper for Web 4.05.0 - Directory Traversal source: https://www.securityfocus.com/bid/10918/info Clearswift MIMEsweeper For Web is reported prone to a directory traversal vulnerability due to insufficient sanitization of user-supplied data. To carry out an attack an attacker may...

0.4AI score
Exploits0
NVD
NVDadded 2003/10/27 5:0 a.m.8 views

CVE-2003-1137

Charles Steinkuehler sh-httpd 0.3 and 0.4 allows remote attackers to read files or execute arbitrary CGI scripts via a GET request that contains an asterisk wildcard character...

5CVSS7.2AI score0.06466EPSS
Exploits1References4
NVD
NVDadded 2002/12/31 5:0 a.m.13 views

CVE-2002-2237

tftp32 TFTP server 2.21 and earlier allows remote attackers to cause a denial of service via a GET request with a DOS device name such as com1 or aux...

5CVSS6.7AI score0.01796EPSS
Exploits1References3
Exploit DB
Exploit DBadded 2001/02/27 12:0 a.m.22 views

Orange Software Orange Web Server 2.1 - Denial of Service

source: https://www.securityfocus.com/bid/2432/info A remote user can cause a denial-of-service condition in Orange Software Orange Web Server. The attacker could submit a specially crafted GET request via a telnet connection to cause the server to crash. A restart of the server is required to ga...

7.4AI score
Exploits0
Rows per page
Query Builder