24 matches found

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2022-47718

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.6 | EPSS 0.00685
Exploits: 1 | References: 2

RedhatCVE
added 2025/05/23 12:15 a.m. | 3 views

CVE-2022-44786

An issue was discovered in Appalti & Contratti 9.12.2. The target web applications allow Local File Inclusion in any page relying on the href parameter to specify the JSP page to be rendered. This affects ApriPagina.do POST and GET requests to each application...

CVSS 7.5 | AI score 6.9 | EPSS 0.00685
Exploits: 1 | References: 1

Prion
added 2022/11/21 11:15 p.m. | 11 views

Code injection

An issue was discovered in Appalti & Contratti 9.12.2. The target web applications allow Local File Inclusion in any page relying on the href parameter to specify the JSP page to be rendered. This affects ApriPagina.do POST and GET requests to each application...

CVSS 5 | AI score 7.5 | EPSS 0.00685
Exploits: 1 | References: 1 | Affected Software: 1

Vulnrichment
added 2022/11/21 12:0 a.m. | 4 views

CVE-2022-44786

An issue was discovered in Appalti & Contratti 9.12.2. The target web applications allow Local File Inclusion in any page relying on the href parameter to specify the JSP page to be rendered. This affects ApriPagina.do POST and GET requests to each application...

AI score 7.5 | EPSS 0.00685
Exploits: 1 | References: 1

OSV
added 2022/05/17 2:19 a.m. | 17 views

GHSA-4VWV-X3GP-2J4G The Undertow module of WildFly allows source code disclosure

The Undertow module of WildFly versions 8.1.0.Final, 8.2.0.Final, 9.0.0.CR1 allows remote attackers to obtain the source code of a JSP page via a "/" at the end of a URL...

CVSS 7.5 | AI score 7.5 | EPSS 0.01757
Exploits: 0 | References: 5

Github Security Blog
added 2022/05/17 2:19 a.m. | 32 views

The Undertow module of WildFly allows source code disclosure

The Undertow module of WildFly versions 8.1.0.Final, 8.2.0.Final, 9.0.0.CR1 allows remote attackers to obtain the source code of a JSP page via a "/" at the end of a URL...

CVSS 7.5 | AI score 6.9 | EPSS 0.01757
Exploits: 0 | References: 6 | Affected Software: 1

OSV
added 2022/04/29 1:25 a.m. | 17 views

GHSA-W97X-XFXF-F9XJ Jakarta Tomcat Denial of Service vulnerability

Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service thread hang and resource consumption via a request for a JSP page containing an MS-DOS device name, such as aux.jsp...

CVSS 5 | AI score 6.4 | EPSS 0.02491
Exploits: 0 | References: 3

Github Security Blog
added 2022/04/29 1:25 a.m. | 25 views

Jakarta Tomcat Denial of Service vulnerability

Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service thread hang and resource consumption via a request for a JSP page containing an MS-DOS device name, such as aux.jsp...

CVSS 5 | AI score 6.8 | EPSS 0.02491
Exploits: 0 | References: 4 | Affected Software: 1

NVD
added 2020/09/02 3:15 p.m. | 18 views

CVE-2020-24602

Ignite Realtime Openfire 4.5.1 has a reflected Cross-site scripting vulnerability which allows an attacker to execute arbitrary malicious URL via the vulnerable GET parameter "searchName", "searchValue", "searchDescription", "searchDefaultValue", "searchPlugin", "searchDescription" and...

CVSS 6.1 | AI score 6.4 | EPSS 0.01012
Exploits: 1 | References: 2

OSV
added 2020/09/02 3:15 p.m. | 16 views

CVE-2020-24602

Ignite Realtime Openfire 4.5.1 has a reflected Cross-site scripting vulnerability which allows an attacker to execute arbitrary malicious URL via the vulnerable GET parameter "searchName", "searchValue", "searchDescription", "searchDefaultValue", "searchPlugin", "searchDescription" and...

CVSS 6.1 | AI score 6.9 | EPSS 0.01012
Exploits: 1 | References: 2

Cvelist
added 2020/09/02 2:37 p.m. | 27 views

CVE-2020-24602

Ignite Realtime Openfire 4.5.1 has a reflected Cross-site scripting vulnerability which allows an attacker to execute arbitrary malicious URL via the vulnerable GET parameter "searchName", "searchValue", "searchDescription", "searchDefaultValue", "searchPlugin", "searchDescription" and...

AI score 6.3 | EPSS 0.01012
Exploits: 1 | References: 2

CVE
added 2020/09/02 2:37 p.m. | 45 views

CVE-2020-24602

Openfire 4.5.1 is affected by a reflected XSS in the Server Properties and Security Audit Viewer JSP page. The vulnerability allows an attacker to trigger arbitrary URL execution by manipulating the vulnerable GET parameters: searchName, searchValue, searchDescription, searchDefaultValue, searchP...

CVSS 6.1 | AI score 6.3 | EPSS 0.01012
Exploits: 1 | References: 2 | Affected Software: 1

Check Point Advisories
added 2017/10/08 12:0 a.m. | 28 views

Apache Tomcat HTTP PUT Remote Code Execution (CVE-2017-12617)

A remote code execution vulnerability exists in Apache Tomcat. The vulnerability is due to insufficient validation of PUT requests. A remote attacker can exploit this vulnerability by sending a specially crafted request containing a JSP page to the vulnerable server...

CVSS 6.8 | AI score 2.5 | EPSS 0.99988
Exploits: 22

Packet Storm
added 2012/07/27 12:0 a.m. | 20 views

rdtax.myeg.com.my Cross Site Scripting

Exploit Title: rdtax.myeg.com.my XSS Vulnerability Date: 27/07/2012 Author: Ryuzaki Lawlet Web/Blog: http://justryuz.blogspot.com Category: webapps Security:RISK: normal Vendor or Software Link: Google dork: - Tested on: Linux Exploit/p0c : http://localhost:80/path/path/chooseIns.jsp?agent= Proof...

AI score 7.4
Exploits: 0

securityvulns
added 2010/04/26 12:0 a.m. | 92 views

Apache ActiveMQ is prone to source code disclosure vulnerability.

Apache ActiveMQ Source Code Disclosure Vulnerability SecPod Technologies www.secpod.com Author Veerendra G.G SecPod ID: 1002 04/18/2010 Issue Discovered 04/20/2010 Vendor Notified 04/21/2010 Fix Available Class: Source code disclosure Severity: Medium Overview: --------- Apache ActiveMQ is prone ...

AI score 0.2
Exploits: 0

Packet Storm
added 2010/04/23 12:0 a.m. | 15 views

Apache ActiveMQ Source Code Disclosure

Apache ActiveMQ Source Code Disclosure Vulnerability SecPod Technologies www.secpod.com Author Veerendra G.G SecPod ID: 1002 04/18/2010 Issue Discovered 04/20/2010 Vendor Notified 04/21/2010 Fix Available Class: Source code disclosure Severity: Medium Overview: --------- Apache ActiveMQ is prone ...

AI score 7.4
Exploits: 0

securityvulns
added 2010/03/11 12:0 a.m. | 32 views

HP OpenView Performance Insight code execution

It's possible to upload JSP page to server...

CVSS 10 | AI score 1.5 | EPSS 0.05664
Exploits: 0 | References: 2 | Affected Software: 1

OpenVAS
added 2008/01/17 12:0 a.m. | 21 views

Debian Security Advisory DSA 225-1 (tomcat4)

The remote host is missing an update to tomcat4 announced via advisory DSA 225-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 6.6 | EPSS 0.1682
Exploits: 1 | References: 1

securityvulns
added 2006/03/23 12:0 a.m. | 58 views

Orion application server source code disclosure

It's possible to access JSP page content by adding dot with space character to file extension...

AI score 2.1
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2005/04/14 12:0 a.m. | 34 views

IBM WebSphere application server information leak

It's possible to obtain JSP page source code by requesting non-existing virtual host...

AI score 0.9
Exploits: 0 | References: 1 | Affected Software: 1