
7 matches found

OSV
added 2024/07/08 4:43 p.m. | 2 views

CVE-2024-39701 Directus Incorrectly handles `_in` filter

Directus is a real-time API and App dashboard for managing SQL database content. Directus =9.23.0, =v10.5.3 improperly handles in, nin operators. It evaluates empty arrays as valid so expressions like "role": "in": $CURRENTUSER.somefield would evaluate to true allowing the request to pass. This...

6.3 CVSS | 7.2 AI score | 0.00106 EPSS
Exploits: 1 | References: 3
Openbugbounty
added 2023/06/30 11:54 a.m. | 3 views

nin-nin.fr Cross Site Scripting vulnerability OBB-3477136

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1 AI score
Exploits: 0
Snyk
added 2022/07/07 8:6 a.m. | 2 views

Malicious Package

Overview nin-date-utils is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package wa...

9.8 CVSS | 7.1 AI score
Exploits: 0 | References: 3
Snyk
added 2022/06/23 9:24 a.m. | 2 views

Malicious Package

Overview nin-modal is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

9.8 CVSS | 7 AI score
Exploits: 0 | References: 3
Hacker One
added 2022/04/11 12:18 a.m. | 17 views

MTN Group: Unprotected Direct Object Reference

Hello MTN Security Team, During my hunting, I discovered that there's an Insecure Direct Object Reference on https://nin.mtnonline.com Vulnerable Path: https://nin.mtnonline.com/nin/success?message=1 Steps To Reproduce: You may not even require to submit any NIN before accessing this unprotected...

6.9 AI score
Exploits: 0
Hacker One
added 2021/08/21 6:46 a.m. | 45 views

MTN Group: Otp bypass in verifying nin

Summary: While conducting my research in your website I found that while verifying NIN number it sends the OTP to the entered mobile number that can be bypassed. Steps To Reproduce: 1 Go to https://nin.mtnonline.com/nin/ 2 Click submit nin. Now it will redirect to another page...

0.4 AI score
Exploits: 0
securityvulns
added 2008/03/25 12:0 a.m. | 33 views

Cuteflow Bin v1.5.0 Local File Inclusion Vuln

Cuteflow Bin v1.5.0 Local File Inclusion Vulnerability + Author : KnocKout + Site : www.wikipediatr.com ============================================== Script : Cuteflow Bin v1.5.0 Download : http://scripts.ringsworld.com/groupware-tools/cuteflow-bin-v150/ Exploit :...

0.6 AI score
Exploits: 0