Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

ATTACKERKB
ATTACKERKBadded 2026/04/06 9:0 a.m.3 views

CVE-2026-5640

A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /admin/update-image2.php of the component Parameter Handler. The manipulation of the argument filename leads to sql injection. The attack is possible to be...

6.5CVSS5.7AI score0.00036EPSS
Exploits0References5Affected Software1
CNNVD
CNNVDadded 2026/04/06 12:0 a.m.2 views

PHPGurukul Online Shopping Portal Project SQL注入漏洞

The PHPGurukul Online Shopping Portal Project is an online shopping portal project developed by PHPGurukul Corporation. Version 2.1 of the PHPGurukul Online Shopping Portal Project contains a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter filename ...

6.5CVSS6.7AI score0.00036EPSS
Exploits0References5
Snyk
Snykadded 2023/02/21 8:16 a.m.1 views

Malicious Package

Overview wf-extract-text-in-image2 is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

9.8CVSS7.1AI score
Exploits0References3
OSV
OSVadded 2023/02/12 8:51 p.m.5 views

MAL-2023-963 Malicious code in wf-extract-text-in-image2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3cd6fc1170a3ada1d746fc52e031d5c161e68ecaccf1383924617a33f88f75a1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
The Hacker News
The Hacker Newsadded 2018/04/19 7:24 a.m.1 views

Another Critical Flaw Found In Drupal Core—Patch Your Sites Immediately

It's time to update your Drupal websites, once again. For the second time within a month, Drupal has been found vulnerable to another critical vulnerability that could allow remote attackers to pull off advanced attacks including cookie theft, keylogging, phishing and identity theft. Discovered b...

6.8AI score
Exploits0
OSV
OSVadded 2018/04/18 3:34 p.m.0 views

DRUPAL-CORE-2018-003

CKEditor, a third-party JavaScript library included in Drupal core, has fixed a cross-site scripting XSS vulnerability. The vulnerability stemmed from the fact that it was possible to execute XSS inside CKEditor when using the image2 plugin which Drupal 8 core also uses. We would like to thank th...

6.1CVSS5.7AI score0.00369EPSS
Exploits0References1
seebug.org
seebug.orgadded 2011/10/11 12:0 a.m.17 views

MyBB Forum Userbar Plugin (Userbar v2.2) SQL Injection

No description provided by source. --------------------------------------------------------------------- Exploit Title : MyBB Forum Userbar Plugin Userbar v2.2 --------------------------------------------------------------------- Author : MarioVs Date : 10/10/2011 Site : http://mariovs.pl/ @ :...

7.1AI score
Exploits0
Rows per page
Query Builder