29 matches found
CVE-2026-23418
In the Linux kernel, the following vulnerability has been resolved: drm/xe/regsr: Fix leak on xastore failure Free the newly allocated entry when xastore fails to avoid a memory leak on the error path. v2: use goto failfree. Bala cherry picked from commit 6bc6fec71ac45f52db609af4e62bdb96b9f5fadb...
PT-2024-25147 · Flatpress · Flatpress
Name of the Vulnerable Software and Affected Versions: FlatPress version 1.3 Description: The issue allows an attacker to inject malicious JavaScript code into the "Add New Entry" section, enabling them to execute arbitrary code in the context of a victim's web browser. This can lead to potential...
CVE-2024-33209
FlatPress v1.3 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript code into the "Add New Entry" section, which allows them to execute arbitrary code in the context of a victim's web browser...
FlatPress Security Vulnerability
FlatPress is a PHP-based blog builder system without database support, from the FlatPress community. A security vulnerability exists in FlatPress v1.3. The vulnerability can be exploited to inject malicious JavaScript code into the "Add New Entry" section to execute arbitrary code in the victim...
Exploit for Cross-site Scripting in Flatpress
CVE-2024-33209 FlatPress 1.3. is vulnerable to Cross Site Scri...
GHSA-5R9J-698H-2H5M Bolt stored Cross-site Scripting (XSS)
Bolt CMS 3.2.14 allows stored XSS via text input, as demonstrated by the Title field of a New Entry...
Bolt Cross-site Scripting (XSS) via text input click preview button
Bolt CMS 3.6.2 allows XSS via text input click preview button as demonstrated by the Title field of a Configured and New Entry...
SourceCodester Car Rental Management System Arbitrary File Upload Vulnerability
SourceCodester Car Rental Management System is a car rental management system from SourceCodester, Inc. SourceCodester Car Rental Management System version 1.0 is vulnerable to an arbitrary file upload vulnerability, which is caused by a lack of validation of...
CVE-2022-29318
An arbitrary file upload vulnerability in the New Entry module of Car Rental Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-29318
An arbitrary file upload vulnerability in the New Entry module of Car Rental Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
Design/Logic Flaw
An arbitrary file upload vulnerability in the New Entry module of Car Rental Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-29318
CVE-2022-29318 affects SourceCodester Car Rental Management System v1.0, specifically the New Entry module. The root cause is lack of validation for uploaded files, enabling arbitrary PHP file uploads and potential code execution. Exploitation details, impacted versions beyond v1.0, and concrete ...
Car Rental Management System Code Issue Vulnerability
SourceCodester Car Rental Management System is a car rental management system from SourceCodester, Inc. SourceCodester Car Rental Management System version 1.0 is vulnerable to an arbitrary file upload vulnerability, which is caused by a lack of validation of...
ProjectWorlds College Management System Cross-Site Request Forgery Vulnerability
ProjectWorlds College Management System is a college management system. ProjectWorlds College Management System is vulnerable to cross-site request forgery, which can be exploited by attackers to modify or delete student, faculty, teacher, subject, grade, location, and article data or create new...
KeeWeb 1.14.0 HTML Injection
Document Title: =============== KeeWeb v1.14.0 - Notes Html Inject Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2237 Release Date: ============= 2020-05-06 Vulnerability Laboratory ID VL-ID: ==================================== 2237...
Bolt CMS Cross Site Scripting
Exploit Title: Bolt CMS https://github.com/rdincel1/Bolt-CMS-3.6.2---Cross-Site-Scripting/raw/master/bolt-v3.6.2.zip Affected Version: alert"Raif" Description Bolt CMS 3.6.2 allows XSS via text input click preview button as demonstrated by the Title field of a Configured and New Entry. PoC Video:...
Bolt CMS < 3.6.2 - Cross-Site Scripting
Exploit Title: Bolt CMS https://github.com/rdincel1/Bolt-CMS-3.6.2---Cross-Site-Scripting/raw/master/bolt-v3.6.2.zip Affected Version: alert"Raif" Description Bolt CMS 3.6.2 allows XSS via text input click preview button as demonstrated by the Title field of a Configured and New Entry. PoC Video:...
Bolt CMS 3.6.2 - Cross-Site Scripting
Bolt CMS 3.6.2 - Cross-Site Scripting Exploit Title: Bolt CMS https://github.com/rdincel1/Bolt-CMS-3.6.2---Cross-Site-Scripting/raw/master/bolt-v3.6.2.zip Affected Version: alert"Raif" Description Bolt CMS 3.6.2 allows XSS via text input click preview button as demonstrated by the Title field of ...
CVE-2018-19933
Bolt CMS 3.6.2 allows XSS via text input click preview button as demonstrated by the Title field of a Configured and New Entry...
CVE-2017-11128
Bolt CMS 3.2.14 allows stored XSS via text input, as demonstrated by the Title field of a New Entry...