9 matches found
CVE-2026-34225
Open WebUI vulnerability CVE-2026-34225 affects the Open WebUI self-hosted AI platform (offline). Versions ≤ 0.7.2 expose a Blind Server Side Request Forgery in the image-edit workflow: a GET request to a user-supplied URL with no domain restrictions, enabling access to the local address space. B...
PT-2026-32582
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Versions 0.7.2 and below contain a Blind Server Side Request Forgery in the functionality that allows editing an image via a prompt. The affected function performs a GET request to a user-provided U...
CVE-2022-50894
VIAVIWEB Wallpaper Admin 1.0 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the imgid parameter. Attackers can send GET requests to editgalleryimage.php with malicious imgid values to extract database...
MAL-2024-3036 Malicious code in sp-image-edit (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in sp-image-edit (npm)
--- -= Per source details. Do not edit below this line.=-...
Dexx CMS HTML And Site Builder 2.2.3 XSS / Arbitrary File Upload
| Title : Dexx CMS - HTML and Site Builder V2.2.3 Remote File Upload vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser :...
Billing System Project Code Issue Vulnerability
Billing System Project is a billing system project by Mayuri K., an individual developer. A security vulnerability exists in Billing System Project v1.0, which stems from an arbitrary file upload vulnerability in the component /phpaction/editProductImage. An attacker can exploit this vulnerability ...
Wordpress Plugin Maxgalleria Lite Wordpress Post Title Edit Vulnerability
This material allows an attacker to change any post name while WordPress has the vulnerable plugin installed. Usage Info: Follow the POC. Title : Wordpress Plugin Maxgalleria lite wordpress Post Title Edit Vulnerability Author : Aloulou Date : 25/06/2014 Facebook : facebook.com/Aloulou.TN Email:...
Wang/Kodak Image Edit ActiveX control
Overview Description The Image Edit control is incorrectly marked safe for scripting. This control is sometimes identified as from "Kodak" and other times as from "Wang". The Image Edit control is one of several controls used to provide image editing services through a web site. Because the...