
9 matches found

NVD
added 2026/02/18 5:21 p.m. | 5 views

CVE-2025-70141

SourceCodester Customer Support System 1.0 contains an incorrect access control vulnerability in ajax.php. The AJAX dispatcher does not enforce authentication or authorization before invoking administrative methods in adminclass.php based on the action parameter. An unauthenticated remote attacke...

9.4 CVSS | 0.00577 EPSS
Exploits: 1 | References: 2
CVE
added 2026/02/18 12:0 a.m. | 10 views

CVE-2025-70141

SourceCodester Customer Support System 1.0 contains an access-control flaw in ajax.php: the AJAX dispatcher may invoke administrative actions in admin_class.php without authentication/authorization checks, based on the action parameter. This allows an unauthenticated remote attacker to perform se...

9.4 CVSS | 5.6 AI score | 0.00577 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2025-31339

Malicious code in bioql PyPI...

5.7 CVSS | 6.3 AI score | 0.00049 EPSS
Exploits: 0 | References: 8
OSV
added 2024/04/16 10:15 p.m. | 0 views

CVE-2024-21038

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite component: LOV. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

6.1 CVSS | 7.1 AI score
Exploits: 0 | References: 1
CNNVD
added 2024/01/23 12:0 a.m. | 1 views

SilverStripe Admin Security Vulnerability

SilverStripe is an open source programming framework and content management system (CMS) from the New Zealand company SilverStripe. The system supports multiple languages, cross-platform operation and other features. A security vulnerability exists in Silverstripe Admin version 1.x prior to 1.13.19 and...

4.3 CVSS | 6.8 AI score | 0.00146 EPSS
Exploits: 0 | References: 3
GitHub Security Blog
added 2022/05/13 1:4 a.m. | 7 views

TYPO3 femanager extension allows remote frontend users to modify or delete records of other frontend users

The femanager extension before 1.0.9 for TYPO3 allows remote frontend users to modify or delete the records of other frontend users via unspecified vectors...

6.4 CVSS | 6.9 AI score | 0.0035 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2022/05/13 1:4 a.m. | 10 views

GHSA-377V-8637-6VQ6 TYPO3 femanager extension allows remote frontend users to modify or delete records of other frontend users

The femanager extension before 1.0.9 for TYPO3 allows remote frontend users to modify or delete the records of other frontend users via unspecified vectors...

8.8 CVSS | 6.8 AI score | 0.0035 EPSS
Exploits: 0 | References: 4
CISA
added 2018/09/19 12:0 a.m. | 24 views

ISC Releases Security Advisory for BIND

The Internet Systems Consortium (ISC) has released a security advisory that addresses a vulnerability affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). Under certain conditions, a remote attacker could exploit this vulnerability to modify records on an affected server. NCCIC...

4 CVSS | 2.3 AI score | 0.00971 EPSS
Exploits: 0 | References: 1
OSV
added 2017/10/24 6:33 p.m. | 27 views

GHSA-GJXW-5W2Q-7GRF Rails activerecord gem has Improper Input Validation vulnerability

Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested attributes, which allows remote attackers to modify arbitrary records by changing the names of parameters for form inputs...

6.4 CVSS | 6.3 AI score | 0.00712 EPSS
Exploits: 0 | References: 9