22 matches found

Veracode
added 2025/11/27 7:34 a.m., 5 views

Weak-password Policy Bypass

novosga/novosga is vulnerable to weak-password policy bypass. The vulnerability is due to improper validation of the Senha/Confirmação da Senha fields in the User Creation Page /novosga.users/new, which allows an attacker to remotely exploit the weak password policy, though with high complexity a...

CVSS 6.3, AI score 6.7, EPSS 0.00043
Exploits: 0, References: 7, Affected Software: 1
Veracode
added 2025/11/06 5:13 p.m., 5 views

Cross-site Scripting (XSS)

novosga/novosga is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper sanitization of user-supplied input in the logoNavbar/logoLogin parameters within the /admin component’s SVG File Handler, which allows an attacker to inject and execute arbitrary web scripts remotely...

CVSS 4.8, AI score 7, EPSS 0.0001
Exploits: 0, References: 9, Affected Software: 1
RedhatCVE
added 2025/10/07 6:9 a.m., 3 views

CVE-2025-11322

A flaw has been found in Mangati NovoSGA up to 2.2.12. The impacted element is an unknown function of the file /novosga.users/new of the component User Creation Page. Executing manipulation of the argument Senha/Confirmação da senha can lead to weak password requirements. The attack can be launch...

CVSS 6.3, AI score 6.4, EPSS 0.00043
Exploits: 0, References: 1
OSV
added 2025/10/06 6:32 a.m., 2 views

GHSA-XGR2-5837-HF48 NovoSGA: Manipulation of User Creation Page can lead to weak password requirements

A flaw has been found in Mangati NovoSGA up to 2.2.12. The impacted element is an unknown function of the file /novosga.users/new of the component User Creation Page. Executing manipulation of the argument Senha/Confirmação da senha can lead to weak password requirements. The attack can be launch...

CVSS 6.3, AI score 4.7, EPSS 0.00043
Exploits: 0, References: 7
Snyk
added 2025/10/06 6:32 a.m., 3 views

Weak Password Requirements

Overview Affected versions of this package are vulnerable to Weak Password Requirements via manipulation of the Senha/Confirmação da senha argument in the User Creation Page. An attacker can bypass strong password requirements by submitting weak passwords during user account creation. Remediation...

CVSS 6.3, AI score 7.1, EPSS 0.00043
Exploits: 0, References: 2
Github Security Blog
added 2025/10/06 6:32 a.m., 7 views

NovoSGA: Manipulation of User Creation Page can lead to weak password requirements

A flaw has been found in Mangati NovoSGA up to 2.2.12. The impacted element is an unknown function of the file /novosga.users/new of the component User Creation Page. Executing manipulation of the argument Senha/Confirmação da senha can lead to weak password requirements. The attack can be launch...

CVSS 6.3, AI score 6.6, EPSS 0.00043
Exploits: 0, References: 7, Affected Software: 1
NVD
added 2025/10/06 6:15 a.m., 2 views

CVE-2025-11322

A flaw has been found in Mangati NovoSGA up to 2.2.12. The impacted element is an unknown function of the file /novosga.users/new of the component User Creation Page. Executing manipulation of the argument Senha/Confirmação da senha can lead to weak password requirements. The attack can be launch...

CVSS 6.3, EPSS 0.00043
Exploits: 0, References: 5
EUVD
added 2025/10/06 5:32 a.m., 1 view

EUVD-2025-32490

A flaw has been found in Mangati NovoSGA up to 2.2.12. The impacted element is an unknown function of the file /novosga.users/new of the component User Creation Page. Executing manipulation of the argument Senha/Confirmação da senha can lead to weak password requirements. The attack can be launch...

CVSS 6.3, AI score 6, EPSS 0.00043
Exploits: 0, References: 6
CVE
added 2025/10/06 5:32 a.m., 10 views

CVE-2025-11322

CVE-2025-11322 affects Mangati NovoSGA up to version 2.2.12, where the vulnerability exists in the User Creation Page (file /novosga.users/new). Manipulating the password confirmation field Senha/Confirmação da senha enables weak password requirements and can be exploited remotely. The exploitati...

CVSS 6.3, AI score 6.2, EPSS 0.00043
Exploits: 0, References: 5
Vulnrichment
added 2025/10/06 5:32 a.m., 2 views

CVE-2025-11322 Mangati NovoSGA User Creation new weak password

A flaw has been found in Mangati NovoSGA up to 2.2.12. The impacted element is an unknown function of the file /novosga.users/new of the component User Creation Page. Executing manipulation of the argument Senha/Confirmação da senha can lead to weak password requirements. The attack can be launch...

CVSS 6.3, AI score 6.2, EPSS 0.00043
Exploits: 0, References: 5
Cvelist
added 2025/10/06 5:32 a.m., 9 views

CVE-2025-11322 Mangati NovoSGA User Creation new weak password

A flaw has been found in Mangati NovoSGA up to 2.2.12. The impacted element is an unknown function of the file /novosga.users/new of the component User Creation Page. Executing manipulation of the argument Senha/Confirmação da senha can lead to weak password requirements. The attack can be launch...

CVSS 6.3, EPSS 0.00043
Exploits: 0, References: 5
Positive Technologies
added 2025/10/06 12:0 a.m., 2 views

PT-2025-40851

Name of the Vulnerable Software and Affected Versions Mangati NovoSGA versions up to 2.2.12 Description A weakness exists in Mangati NovoSGA up to version 2.2.12 related to weak password requirements during user creation. The issue is located in the User Creation Page component, specifically with...

CVSS 6.3, AI score 4, EPSS 0.00043
Exploits: 0, References: 12
CNNVD
added 2025/10/06 12:0 a.m., 2 views

Mangati NovoSGA Security Vulnerability

Mangati NovoSGA is a service management system from the Brazilian company Mangati. A security vulnerability exists in Mangati NovoSGA version 2.2.12 and earlier, which stems from incorrect manipulation of the parameter Senha/Confirmação da senha in the User Creation page, and could result in a we...

CVSS 6.3, AI score 4.7, EPSS 0.00043
Exploits: 0, References: 5
EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2025-31011

Malicious code in bioql PyPI...

CVSS 4.8, AI score 3.9, EPSS 0.0001
Exploits: 0, References: 7
RedhatCVE
added 2025/09/25 4:45 p.m., 2 views

CVE-2025-10909

A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File Handler. Performing manipulation of the argument logoNavbar/logoLogin results in cross site scripting. Remote exploitation of the attack is...

CVSS 4.8, AI score 3.2, EPSS 0.0001
Exploits: 0, References: 1
OSV
added 2025/09/24 6:30 p.m., 2 views

GHSA-4C44-R8RM-3P39 Mangati NovoSGA XSS vulnerability in /admin

A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File Handler. Performing manipulation of the argument logoNavbar/logoLogin results in cross site scripting. Remote exploitation of the attack is...

CVSS 4.8, AI score 5.6, EPSS 0.0001
Exploits: 0, References: 7
Github Security Blog
added 2025/09/24 6:30 p.m., 5 views

Mangati NovoSGA XSS vulnerability in /admin

A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File Handler. Performing manipulation of the argument logoNavbar/logoLogin results in cross site scripting. Remote exploitation of the attack is...

CVSS 4.8, AI score 5.6, EPSS 0.0001
Exploits: 0, References: 7, Affected Software: 1
NVD
added 2025/09/24 5:15 p.m., 2 views

CVE-2025-10909

A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File Handler. Performing manipulation of the argument logoNavbar/logoLogin results in cross site scripting. Remote exploitation of the attack is...

CVSS 4.8, EPSS 0.0001
Exploits: 0, References: 5
Cvelist
added 2025/09/24 4:32 p.m., 8 views

CVE-2025-10909 Mangati NovoSGA SVG File admin cross site scripting

A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File Handler. Performing manipulation of the argument logoNavbar/logoLogin results in cross site scripting. Remote exploitation of the attack is...

CVSS 4.8, EPSS 0.0001
Exploits: 0, References: 5
Vulnrichment
added 2025/09/24 4:32 p.m., 1 view

CVE-2025-10909 Mangati NovoSGA SVG File admin cross site scripting

A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File Handler. Performing manipulation of the argument logoNavbar/logoLogin results in cross site scripting. Remote exploitation of the attack is...

CVSS 4.8, AI score 5.4, EPSS 0.0001
Exploits: 0, References: 5