Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

NVD
NVDadded 2026/02/20 4:22 p.m.4 views

CVE-2025-70831

A Remote Code Execution RCE vulnerability was found in Smanga 3.2.7 in the /php/path/rescan.php interface. The application fails to properly sanitize user-supplied input in the mediaId parameter before using it in a system shell command. This allows an unauthenticated attacker to inject arbitrary...

9.8CVSS0.00335EPSS
Exploits0References1
OSV
OSVadded 2026/02/20 4:22 p.m.1 views

CVE-2025-70831

A Remote Code Execution RCE vulnerability was found in Smanga 3.2.7 in the /php/path/rescan.php interface. The application fails to properly sanitize user-supplied input in the mediaId parameter before using it in a system shell command. This allows an unauthenticated attacker to inject arbitrary...

9.8CVSS5.9AI score0.00335EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/02/20 12:0 a.m.1 views

CVE-2025-70831

A Remote Code Execution RCE vulnerability was found in Smanga 3.2.7 in the /php/path/rescan.php interface. The application fails to properly sanitize user-supplied input in the mediaId parameter before using it in a system shell command. This allows an unauthenticated attacker to inject arbitrary...

5.9AI score0.00335EPSS
Exploits0References2
CNNVD
CNNVDadded 2026/02/20 12:0 a.m.6 views

Smanga 安全漏洞

Smanga is a Docker-based comic streaming reading tool developed by lkw199711. Version 3.2.7 of Smanga has a security vulnerability. This vulnerability stems from improper handling of the mediaId parameter in the /php/path/rescan.php interface. It could allow unverified attackers to inject operati...

9.8CVSS6.5AI score0.00335EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2014-4515

Malware in sbrugna...

4.3CVSS6.4AI score0.00174EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2023/09/01 4:15 p.m.0 views

CVE-2023-36076

SQL Injection vulnerability in smanga version 3.1.9 and earlier, allows remote attackers to execute arbitrary code and gain sensitive information via mediaId, mangaId, and userId parameters in php/history/add.php...

9.8CVSS6.4AI score0.48131EPSS
Exploits1References2
NVD
NVDadded 2023/09/01 4:15 p.m.16 views

CVE-2023-36076

SQL Injection vulnerability in smanga version 3.1.9 and earlier, allows remote attackers to execute arbitrary code and gain sensitive information via mediaId, mangaId, and userId parameters in php/history/add.php...

9.8CVSS9.9AI score0.48131EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2023/09/01 12:0 a.m.10 views

CVE-2023-36076

SQL Injection vulnerability in smanga version 3.1.9 and earlier, allows remote attackers to execute arbitrary code and gain sensitive information via mediaId, mangaId, and userId parameters in php/history/add.php...

8.6AI score0.48131EPSS
Exploits1References1
Prion
Prionadded 2014/07/02 6:55 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in tpls/editmedia.php in the Hot Files: File Sharing and Download Manager wphotfiles plugin 1.0.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the mediaid parameter...

4.3CVSS6.2AI score0.00174EPSS
Exploits1References1
CVE
CVEadded 2014/07/02 6:0 p.m.46 views

CVE-2014-4588

The CVE-2014-4588 entry concerns the WordPress plugin Hot Files: File Sharing and Download Manager (wphotfiles)

4.3CVSS6AI score0.00174EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder