Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Packet Storm
Packet Stormadded 2024/02/02 12:0 a.m.280 views

Grocy 4.0.2 Cross Site Request Forgery

Exploit Title: Grocy history.pushState'','', '/'; document.forms0.submit; If a user is logged into the Grocy Webapp at time of execution, a new user will be created in the app with the following credentials Username: hacker Password: test Note: In order for this to work, the target must hav...

8.8CVSS7.4AI score0.00185EPSS
Exploits4
0day.today
0day.todayadded 2024/01/31 12:0 a.m.246 views

Grocy <= 4.0.2 - CSRF Vulnerability

Exploit Title: Grocy history.pushState'','', '/'; document.forms0.submit; If a user is logged into the Grocy Webapp at time of execution, a new user will be created in the app with the following credentials Username: hacker Password: test Note: In order for this to work, the target must have Crea...

8.8CVSS8.9AI score0.00185EPSS
Exploits4
OSV
OSVadded 2019/06/26 12:15 p.m.1 views

CVE-2019-12966

FeHelper through 2019-06-19 allows arbitrary code execution during a JSON format operation, as demonstrated by the "a":functionconfirm1 input...

9.8CVSS7.8AI score0.01119EPSS
Exploits1References1
Rows per page
Query Builder