
738 matches found

Information Security Automation
added 2018/07/08 9:22 p.m., 63 views

Free High-Tech Bridge ImmuniWeb Application Discovery service

Today I would like to talk about another service for application security analysis by High-Tech Bridge. It's called ImmuniWeb Application Discovery. This service can get information about your web and mobile applications available from the Internet. Believe me, this is not so obvious for a large...

AI score: 7
Exploits: 0

Information Security Automation
added 2017/11/27 9:10 p.m., 30 views

Vulnerability Management for Network Perimeter

Network Perimeter is like a door to your organization. It is accessible to everyone and vulnerability exploitation does not require any human interactions, unlike, for example, phishing attacks. Potential attacker can automate most of his actions searching for an easy target. It's important not t...

AI score: 7.1
Exploits: 0

Packet Storm
added 2016/08/03 12:0 a.m., 39 views

Atutor 2.2.1 Path Traversal

Advisory ID: HTB23297 Product: Atutor Vendor: Atutor Vulnerable Versions: 2.2.1 and probably prior Tested Version: 2.2.1 Advisory Publication: February 24, 2016 without technical details Vendor Notification: February 24, 2016 Vendor Patch: July 1, 2016 Public Disclosure: August 2, 2016...

AI score: 7.4
Exploits: 0

0day.today
added 2016/04/29 12:0 a.m., 45 views

GLPi 0.90.2 - SQL Injection

Exploit for php platform in category web applications Product: GLPI Vendor: INDEPNET Vulnerable Versions: 0.90.2 and probably prior Tested Version: 0.90.2 Advisory Publication: April 8, 2016 without technical details Vendor Notification: April 8, 2016 Vendor Patch: April 11, 2016 Public Disclosur...

AI score: 6.7
Exploits: 0

0day.today
added 2016/04/06 12:0 a.m., 29 views

SocialEngine 4.8.9 - SQL Injection

Exploit for php platform in category web applications Product: SocialEngine Vendor: Webligo Vulnerable Versions: 4.8.9 and probably prior Tested Version: 4.8.9 Advisory Publication: December 21, 2015 without technical details Vendor Notification: December 21, 2015 Public Disclosure: April 6, 2016...

AI score: 7.1
Exploits: 0

OSV
added 2016/04/05 12:0 a.m., 12 views

DSA-3541-1 roundcube - security update

Bulletin has no description...

CVSS: 7.5, AI score: 7.5, EPSS: 0.28303
Exploits: 5

0day.today
added 2016/03/30 12:0 a.m., 32 views

CubeCart 6.0.10 - Multiple Vulnerabilities

Exploit for php platform in category web applications Product: CubeCart Vendor: CubeCart Limited Vulnerable Versions: 6.0.10 and probably prior Tested Version: 6.0.10 Advisory Publication: March 2, 2016 without technical details Vendor Notification: March 2, 2016 Vendor Patch: March 16, 2016 Publ...

AI score: 7.1
Exploits: 0

htbridge
added 2016/03/30 12:0 a.m., 502 views

RCE via CSRF in phpMyFAQ

High-Tech Bridge Security Research Lab discovered a high-risk security vulnerability in a popular multilingual FAQ software phpMyFAQ. A remote attacker can execute arbitrary PHP code on vulnerable system via CSRF attack against website administrator and completely compromise vulnerable web...

AI score: 7.8
Exploits: 0, Affected Software: 1

0day.today
added 2016/03/21 12:0 a.m., 46 views

iTop 2.2.1 - Cross-Site Request Forgery

Exploit for php platform in category web applications Product: iTop Vendor: Combodo Vulnerable Versions: 2.2.1 and probably prior Tested Version: 2.2.1 Advisory Publication: February 10, 2016 without technical details Vendor Notification: February 10, 2016 Vendor Patch: February 11, 2016 Public...

AI score: 7.1
Exploits: 0

Exploit DB
added 2016/03/21 12:0 a.m., 43 views

iTop 2.2.1 - Cross-Site Request Forgery

Advisory ID: HTB23293 Product: iTop Vendor: Combodo Vulnerable Versions: 2.2.1 and probably prior Tested Version: 2.2.1 Advisory Publication: February 10, 2016 without technical details Vendor Notification: February 10, 2016 Vendor Patch: February 11, 2016 Public Disclosure: March 18, 2016...

AI score: 7
Exploits: 0

Packet Storm
added 2016/03/19 12:0 a.m., 36 views

Dating Pro Genie 2015.7 Cross Site Request Forgery

Advisory ID: HTB23294 Product: Dating Pro Vendor: DatingPro Vulnerable Versions: Genie 2015.7 and probably prior Tested Version: Genie 2015.7 Advisory Publication: February 10, 2016 without technical details Vendor Notification: February 10, 2016 Vendor Patch: February 29, 2016 Public Disclosure:...

AI score: 0.3
Exploits: 0

Packet Storm
added 2016/03/19 12:0 a.m., 35 views

WebsiteBaker CMS 2.8.3-SP5 SQL Injection

Advisory ID: HTB23296 Product: WebsiteBaker Vendor: WebsiteBaker Org e.V. Vulnerable Versions: 2.8.3-SP5 and probably prior Tested Version: 2.8.3-SP5 Advisory Publication: February 24, 2016 without technical details Vendor Notification: February 24, 2016 Vendor Patch: February 26, 2016 Public...

AI score: 0.2
Exploits: 0

Packet Storm
added 2016/02/18 12:0 a.m., 34 views

osCmax 2.5.4 Code Execution / CSRF / Local File Inclusion

Advisory ID: HTB23285 Product: osCmax Vendor: http://oscmax.com/ Vulnerable Versions: 2.5.4 and probably prior Tested Version: 2.5.4 Advisory Publication: December 21, 2015 without technical details Vendor Notification: December 21, 2015 Public Disclosure: February 17, 2016 Vulnerability Type: PH...

AI score: 7
Exploits: 0

Packet Storm
added 2016/02/18 12:0 a.m., 37 views

webSPELL 4.2.4 Cross Site Request Forgery / SQL Injection

Advisory ID: HTB23291 Product: webSPELL Vendor: webSPELL.org Vulnerable Versions: 4.2.4 and probably prior Tested Version: 4.2.4 Advisory Publication: January 22, 2016 without technical details Vendor Notification: January 22, 2016 Vendor Patch: February 12, 2016 Public Disclosure: February 17,...

AI score: 0.3
Exploits: 0

Packet Storm
added 2016/02/18 12:0 a.m., 38 views

WeBid 1.1.2P2 SQL Injection

Advisory ID: HTB23292 Product: WeBid Vendor: WeBid Vulnerable Versions: 1.1.2P2 and probably prior Tested Version: 1.1.2P2 Advisory Publication: January 22, 2016 without technical details Vendor Notification: January 22, 2016 Vendor Patch: February 4, 2016 Public Disclosure: February 17, 2016...

AI score: 0.1
Exploits: 0

Packet Storm
added 2016/02/18 12:0 a.m., 32 views

osCommerce 2.3.4 Local File Inclusion / Cross Site Request Forgery

Advisory ID: HTB23284 Product: osCommerce Vendor: osCommerce Vulnerable Versions: 2.3.4 and probably prior Tested Version: 2.3.4 Advisory Publication: December 21, 2015 without technical details Vendor Notification: December 21, 2015 Public Disclosure: February 17, 2016 Vulnerability Type: PHP Fi...

AI score: 7
Exploits: 0

Exploit DB
added 2016/01/15 12:0 a.m., 93 views

mcart.xls Bitrix Module 6.5.2 - SQL Injection

Advisory ID: HTB23279 Product: mcart.xls Bitrix module Vendor: www.mcart.ru Vulnerable Versions: 6.5.2 and probably prior Tested Version: 6.5.2 Advisory Publication: November 18, 2015 without technical details Vendor Notification: November 18, 2015 Public Disclosure: January 13, 2016 Vulnerabilit...

CVSS: 8, AI score: 7.9, EPSS: 0.02553
Exploits: 5

exploitpack
added 2016/01/15 12:0 a.m., 44 views

Roundcube Webmail 1.1.3 - Directory Traversal

Roundcube Webmail 1.1.3 - Directory Traversal Advisory ID: HTB23283 Product: Roundcube Vendor: Roundcube.net Vulnerable Versions: 1.1.3 and probably prior Tested Version: 1.1.3 Advisory Publication: December 21, 2015 without technical details Vendor Notification: December 21, 2015 Vendor Patch:...

CVSS: 6, AI score: 0.2, EPSS: 0.28303
Exploits: 5

0day.today
added 2016/01/15 12:0 a.m., 74 views

Roundcube 1.1.3 - Directory Traversal

Exploit for php platform in category web applications Product: Roundcube Vendor: Roundcube.net Vulnerable Versions: 1.1.3 and probably prior Tested Version: 1.1.3 Advisory Publication: December 21, 2015 without technical details Vendor Notification: December 21, 2015 Vendor Patch: December 26, 20...

CVSS: 6, AI score: 0.1, EPSS: 0.28303
Exploits: 5

exploitpack
added 2016/01/15 12:0 a.m., 55 views

mcart.xls Bitrix Module 6.5.2 - SQL Injection

mcart.xls Bitrix Module 6.5.2 - SQL Injection Advisory ID: HTB23279 Product: mcart.xls Bitrix module Vendor: www.mcart.ru Vulnerable Versions: 6.5.2 and probably prior Tested Version: 6.5.2 Advisory Publication: November 18, 2015 without technical details Vendor Notification: November 18, 2015...

CVSS: 6, AI score: 8.4, EPSS: 0.02553
Exploits: 5