Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

NVD
NVDadded 2026/05/14 3:16 p.m.7 views

CVE-2026-21730

Verba is affected by a Stored Cross-Site Scripting XSS vulnerability within its login logging mechanism. When an unauthenticated remote attacker attempts to log in using an incorrect username and password combination, the supplied username value is recorded in the application logs. Due to lack of...

6.1CVSS0.00045EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2001-0056

Malware in sbrugna...

7.5CVSS6.4AI score0.0075EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/10/06 12:0 a.m.2 views

PT-2025-40862

Name of the Vulnerable Software and Affected Versions Affected versions not specified Description The system logs data from POST requests without validation. Specifically, when a user attempts to log in with incorrect credentials, the request data is logged. It is possible to send excessively lar...

7.5CVSS5.9AI score0.00141EPSS
Exploits0References9
CNVD
CNVDadded 2025/08/20 12:0 a.m.1 views

WordPress Authentication and xmlrpc log writer plugin cross-site scripting vulnerability

The WordPress Authentication and xmlrpc log writer plugin is a plugin for logging failed login attempts e.g. brute-force attacks and invalid XMLRPC requests, primarily for processing data and protecting against it with tools like fail2ban. The WordPress Authentication and xmlrpc log writer plugin...

7.1CVSS6.1AI score0.00039EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/17 9:4 p.m.6 views

CVE-2023-6030

The LogDash Activity Log WordPress plugin before 1.1.4 hooks the wploginfailed function from src/Hooks/Users.php in order to log failed login attempts to the database but it doesn't escape the username when it perform some SQL request leading to a SQL injection vulnerability which can be exploite...

5.4CVSS7.8AI score0.00403EPSS
Exploits1References3
VulnCheck KEV
VulnCheck KEVadded 2025/03/21 12:0 a.m.0 views

VulnCheck KEV: CVE-2025-2609

Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling login logging allows unauthenticated users to store HTML content in the viewable log component accessible at /mbilling/index.php/logUsers/read" cross-site scripting This vulnerability is...

8.2CVSS5.7AI score0.03183EPSS
Exploits1References1
OSV
OSVadded 2022/01/12 8:15 p.m.1 views

CVE-2021-45449

Docker Desktop version 4.3.0 and 4.3.1 has a bug that may log sensitive information access token or password on the user's machine during login. This only affects users if they are on Docker Desktop 4.3.0, 4.3.1 and the user has logged in while on 4.3.0, 4.3.1. Gaining access to this data would...

5.5CVSS5.8AI score0.00159EPSS
Exploits0References1
NVD
NVDadded 2001/09/03 4:0 a.m.16 views

CVE-2001-0978

login in HP-UX 10.26 does not record failed login attempts in /var/adm/btmp, which could allow attackers to conduct brute force password guessing attacks without being detected or observed using the lastb program...

7.5CVSS6.7AI score0.0129EPSS
Exploits0References3
Cvelist
Cvelistadded 2001/05/07 4:0 a.m.12 views

CVE-2001-0056

The Cisco Web Management interface in routers running CBOS 2.4.1 and earlier does not log invalid logins, which allows remote attackers to guess passwords without detection...

6.7AI score0.0075EPSS
Exploits0References2
Rows per page
Query Builder