8 matches found
CVE-2021-39394
mm-wiki v0.2.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add user accounts and modify user information...
PT-2021-18641 · Unknown · Network Camera Device
Name of the Vulnerable Software and Affected Versions: Network camera device (affected versions not specified). Description: The issue concerns the manage users profile services of the network camera device, which allows an authenticated remote attacker to modify URL parameters and amend a user's...
CVE-2018-12807
Adobe Experience Manager (AEM) versions 6.0–6.4 are affected by CVE-2018-12807, an input validation bypass vulnerability that could allow unauthorized modification of information. The root cause is the input validation bypass in AEM, with no exploitation details provided in the connected document...
Revive Adserver Cross-Site Request Forgery Vulnerability
Revive Adserver is an open source ad management system from the Revive Adserver team. A cross-site request forgery vulnerability exists in Revive Adserver versions prior to 3.2.2, which can be exploited by a remote attacker to perform specific plugin operations or cause a denial of service...
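CmsEasy_5.5_UTF-8_20150620 Arbitrary User Password Modification (latest method that defeats webscan)
Brief description: cmseasy arbitrary user password modification, against the latest patch of 6.20. Personally, I think the cmseasy staff approach problem analysis the wrong way, and their fixes all amount to burying their heads in the sand. This is the last time I post a cmseasy vulnerability; it is beyond saving, just fire them. I actually posted this on 360 before, but then I saw the latest patch description saying it had been fixed; judging by the effect of the fix, it is as good as not fixed. Detailed description: File name: CmsEasy5.5UTF-820150620 First, the fix description given on the official site: formact.php: function searchaction iffront::get'keyword' &&!front::post'keyword'...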
WordPress QAEngine Theme 1.4 Privilege Escalation
Theme Link: https://www.enginethemes.com/themes/qaengine/ - Vulnerability Description: + 1st Vulnerability: qaengine vulnerability allows an attacker to have an administrator account on the target's website vuln code in /qaengine/includes/aecore/class-ae-users.php: public function insert...
Frog CMS 0.9.5 - Cross-Site Request Forgery
Frog CMS 0.9.5 - Cross-Site Request Forgery. Title: Frog Date: 13. December 2009. ...
CVE-2000-0110
CVE-2000-0110 affects the WebSiteTool shopping cart application, where remote attackers can modify sensitive purchase information by manipulating hidden form fields in the shopping cart. The PT-2000-1098 entry corroborates this description but does not specify affected versions or a fix. No explo...