6 matches found

CNNVD
added 2026/04/08 12:0 a.m. · 5 views

Zammad Security Vulnerability

Zammad is ticket management software developed by the German company Zammad. Versions of Zammad prior to 7.0.1 and 6.5.4 contained security vulnerabilities. These vulnerabilities were due to improper sanitization of data: URI schemes by the HTML sanitizer, which could allow the storage of maliciou...

6.1 CVSS · 5.8 AI score · 0.00149 EPSS
Exploits 0 · References 1
BDU FSTEC
added 2023/10/25 12:0 a.m. · 4 views

The vulnerability of the network management system for monitoring and managing industrial networks in SINEC NMS, related to improper data cleaning in the SNMP configuration, allows an attacker to execute XSS attacks.

The vulnerability of the network management system for monitoring and managing industrial networks in SINEC NMS is related to improper data cleaning in the SNMP configuration. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

5.5 CVSS · 5.8 AI score · 0.00296 EPSS
Exploits 0 · References 4 · Affected Software 1
Positive Technologies
added 2023/04/05 12:0 a.m. · 5 views

PT-2023-3268 · Glpi +2

Name of the Vulnerable Software and Affected Versions: GLPI versions 9.5.0 through 9.5.12; GLPI versions 10.0.0 through 10.0.6. Description: The issue is related to insufficient cleaning of user data in the administration panel, allowing a user to inject and execute arbitrary HTML and script code i...

10 CVSS · 6.7 AI score · 0.99521 EPSS
Exploits 40 · References 206
BDU FSTEC
added 2023/03/24 12:0 a.m. · 4 views

The vulnerability in the implementation of the PAPI network protocol for ArubaOS operating systems allows a hacker to execute arbitrary code.

The vulnerability of the PAPI network protocol implementation in ArubaOS operating systems is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10 CVSS · 8.4 AI score · 0.0174 EPSS
Exploits 0 · References 2 · Affected Software 2
BDU FSTEC
added 2022/08/10 12:0 a.m. · 5 views

The vulnerability of the implementation of automatic login for mobile devices in the virtual training environment Moodle allows a hacker to carry out a phishing attack and expose the protected information.

The vulnerability of the automatic login function in the Moodle virtual training system for mobile devices is related to improper cleaning of user data. Exploiting this vulnerability allows a malicious actor to carry out a phishing attack and disclose sensitive information through a specially...

5 CVSS · 6 AI score · 0.01527 EPSS
Exploits 0 · References 9 · Affected Software 3
CNNVD
added 2022/05/16 12:0 a.m. · 3 views

WordPress plugin th23 Social Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in PHP. WordPress plugin is an application plugin. Versions 1.2.0 and earlier of the th23 Socials plugin for WordPress are vulnerable to a cross-site scripting...

4.8 CVSS · 5.2 AI score · 0.00565 EPSS
Exploits 2 · References 2