Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

13 matches found

EUVD
EUVDadded 2026/05/05 3:31 a.m.2 views

EUVD-2026-27201

The Zingaya Click-to-Call plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email', 'firstname', 'lastname', and 'phone' parameters on the plugin's sign-up admin page in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output...

6.1CVSS6AI score0.00113EPSS
Exploits0References7
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2017-9137

Malware in sbrugna...

5.4CVSS5.5AI score0.00206EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2024-52724

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00072EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2022-37889

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00224EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2021-29824

Malicious code in bioql PyPI...

4.8CVSS5.4AI score0.00235EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2025/01/13 12:0 a.m.4 views

CVE-2024-54999

MonicaHQ v4.1.2 was discovered to contain a Client-Side Injection vulnerability via the lastname parameter the General Information module...

6.6AI score0.00072EPSS
Exploits1References2
Cvelist
Cvelistadded 2022/07/26 12:57 p.m.10 views

CVE-2022-34991

Paymoney v3.3 was discovered to contain multiple reflected cross-site scripting XSS vulnerabilities via the firstname and lastname parameters...

5.7AI score0.00224EPSS
Exploits1References1
Openbugbounty
Openbugbountyadded 2021/10/02 7:37 a.m.21 views

agisportal.lanl.gov Cross Site Scripting vulnerability OBB-2153634

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| agisportal.lanl.gov ---|--- Open Bug...

6.2AI score
Exploits0
CVE
CVEadded 2021/10/01 3:42 p.m.39 views

CVE-2021-40922

CVE-2021-40922 is a cross-site scripting (XSS) vulnerability affecting the open source defect-tracking system Bugs/Tinyissue in versions 1.8 and earlier, exploitable via the last_name parameter in install/index.php . The root cause is improper input handling in that endpoint, enabling remote atta...

6.1CVSS6.1AI score0.00283EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2021/10/01 3:42 p.m.11 views

CVE-2021-40922

Cross-site scripting XSS vulnerability in install/index.php in bugs 1.8 and below version allows remote attackers to inject arbitrary web script or HTML via the lastname parameter...

6.3AI score0.00283EPSS
Exploits1References2
NVD
NVDadded 2017/12/30 4:29 a.m.11 views

CVE-2017-17995

Biometric Shift Employee Management System has XSS via the LastName parameter in an index.php?user=ajax request...

5.4CVSS5.3AI score0.00206EPSS
Exploits1References1
Prion
Prionadded 2017/12/30 4:29 a.m.14 views

Server side request forgery (ssrf)

Biometric Shift Employee Management System has XSS via the LastName parameter in an index.php?user=ajax request...

3.5CVSS5.2AI score0.00206EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2017/12/30 4:0 a.m.11 views

CVE-2017-17995

Biometric Shift Employee Management System has XSS via the LastName parameter in an index.php?user=ajax request...

5.3AI score0.00206EPSS
Exploits1References1
Rows per page
Query Builder