9 matches found

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2020-22906

Malware in sbrugna...

CVSS 7.2 | AI score 7 | EPSS 0.00565
Exploits 0 | References 2

RedhatCVE
added 2025/05/23 9:38 a.m. | 8 views

CVE-2024-24818

EspoCRM is an Open Source Customer Relationship Management software. An attacker can inject arbitrary IP or domain in "Password Change" page and redirect victim to malicious page that could lead to credential stealing or another attack. This vulnerability is fixed in 8.1.2...

CVSS 5.9 | AI score 6.7 | EPSS 0.00127
Exploits 1 | References 1

RedhatCVE
added 2025/05/22 3:31 p.m. | 4 views

CVE-2020-35227

A buffer overflow vulnerability in the access control section on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices in the administration web panel allows an attacker to inject IP addresses into the whitelist via the checkedList parameter to the delete command...

CVSS 7.2 | AI score 7.4 | EPSS 0.00565
Exploits 0

OSV
added 2024/03/31 6:17 p.m. | 19 views

BIT-ESPOCRM-2024-24818

EspoCRM is an Open Source Customer Relationship Management software. An attacker can inject arbitrary IP or domain in "Password Change" page and redirect victim to malicious page that could lead to credential stealing or another attack. This vulnerability is fixed in 8.1.2...

CVSS 5.9 | AI score 5.6 | EPSS 0.00127
Exploits 1 | References 2

CVE
added 2024/02/29 3:17 p.m. | 43 views

CVE-2024-24818

CVE-2024-24818 affects EspoCRM. The vulnerability stems from an input/control on the Password Change page that allows an attacker to inject arbitrary IPs or domains, enabling redirection of victims to a malicious page. This could facilitate credential theft or related attacks. Public documentatio...

CVSS 5.9 | AI score 5.6 | EPSS 0.00127
Exploits 1 | References 2 | Affected Software 1

Veracode
added 2022/04/05 4:30 a.m. | 16 views

Server-Side Request Forgery (SSRF)

calibreweb is vulnerable to server-side request forgery (SSRF) attacks. An attacker is able to set up their HTTP server to respond with a 302 redirect to redirect the request to localhost which results in injecting malicious IP address via IPV4/IPV4 embedding...

CVSS 9.9 | AI score 1.5 | EPSS 0.0026
Exploits 1 | References 3 | Affected Software 1

myhack58
added 2012/04/24 12:0 a.m. | 17 views

Jackie CMS (<=1.7) SQL injection vulnerability analysis-vulnerability warning-the black bar safety net

Jackie CMS (Jieqi CMS) is a novel-system-based CMS; currently the latest version is 1.7, and its usage rate among novel sites is still relatively high. These days I took some time to look at its code, which is quite interesting, so I will share a bit with you. The core code of the entire system is zend...

AI score 8.5
Exploits 0

myhack58
added 2010/04/20 12:0 a.m. | 14 views

Simple forged X-Forwarded-For-bug warning-the black bar safety net

On the purposes of forging X-Forwarded-For I will not say more. In the invasion of a PHP station, the GPC is ON, Character type injection all., while in PHP5 GPC is open by default. But GPC has no effect on $SERVER, so you can fake $SERVER to achieve the injection. IP. in...

AI score 7.5
Exploits 0

myhack58
added 2010/04/14 12:0 a.m. | 20 views

Simple forged X-Forwarded-For-bug warning-the black bar safety net

On the purposes of forging X-Forwarded-For I will not say more. In the invasion of a PHP station, the GPC is ON, Character type injection all., while in PHP5 GPC is open by default. But GPC has no effect on $SERVER, so you can fake $SERVER to achieve the injection. IP. in...

AI score 7.5
Exploits 0