Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

ATTACKERKB
ATTACKERKBadded 2026/03/24 5:22 p.m.1 views

CVE-2026-33157

Craft CMS is a content management system CMS. From version 5.6.0 to before version 5.9.13, a Remote Code Execution RCE vulnerability exists in Craft CMS, it can be exploited by any authenticated user with control panel access. This is a bypass of a previous fix. The existing patches add...

8.6CVSS5.8AI score0.00101EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVEadded 2025/09/06 11:25 a.m.2 views

CVE-2025-41061

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAddonlayouts' and 'dataAddonlayoutsexcept' parameters in /apprain/developer/addons/update/uploadify...

5.4CVSS6.1AI score0.0004EPSS
Exploits0References1
OSV
OSVadded 2025/09/04 12:15 p.m.1 views

CVE-2025-41058

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAddonlayouts' and 'dataAddonlayoutsexcept' parameters in /apprain/developer/addons/update/rowmanager...

5.4CVSS5.7AI score
Exploits0References1
Cvelist
Cvelistadded 2025/09/04 11:14 a.m.4 views

CVE-2025-41059 Stored Cross-Site Scripting vulnerability in appRain CMF

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAddonlayouts' and 'dataAddonlayoutsexcept' parameters in /apprain/developer/addons/update/tablesorter...

5.1CVSS0.0004EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/09/04 12:0 a.m.2 views

PT-2025-35926

Name of the Vulnerable Software and Affected Versions: appRain CMF version 4.0.5 Description: A stored authenticated cross-site scripting XSS issue exists due to insufficient validation of user-supplied data. The vulnerability is triggered through the dataAddonlayouts and dataAddonlayouts except...

5.4CVSS5.3AI score0.0004EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2025/09/04 12:0 a.m.2 views

PT-2025-35921

Name of the Vulnerable Software and Affected Versions: appRain CMF version 4.0.5 Description: A stored authenticated cross-site scripting XSS issue exists due to insufficient validation of user-supplied data. The vulnerability is triggered through the dataAddonlayouts and dataAddonlayouts except...

5.4CVSS5.3AI score0.0004EPSS
Exploits0References4
Prion
Prionadded 2008/11/19 6:11 p.m.11 views

Remote file inclusion

PHP remote file inclusion vulnerability in layout/default/params.php in Boonex Orca 2.0 and 2.0.2, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the gConfdirlayouts parameter...

9.3CVSS8.1AI score0.04412EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder