
7 matches found

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2011-1469

Malware in sbrugna...

CVSS 4.3, AI score 6, EPSS 0.00847
Exploits 1, References 11
RedhatCVE
added 2025/05/23 2:12 a.m., 4 views

CVE-2023-3204

The Materialis theme for WordPress is vulnerable to limited arbitrary options updates in versions up to, and including, 1.1.24. This is due to missing authorization checks on the companiondisablepopup function called via an AJAX action. This makes it possible for authenticated attackers, with...

CVSS 6.5, AI score 6.5, EPSS 0.0028
Exploits 0, References 1
Vulnrichment
added 2024/06/20 2:8 a.m., 10 views

CVE-2023-3204 Materialis <= 1.1.24 - Missing Authorization to Limited Arbitrary Options Update

The Materialis theme for WordPress is vulnerable to limited arbitrary options updates in versions up to, and including, 1.1.24. This is due to missing authorization checks on the companiondisablepopup function called via an AJAX action. This makes it possible for authenticated attackers, with...

CVSS 6.5, AI score 6.3, EPSS 0.0028
Exploits 0, References 3
WPVulnDB
added 2023/04/03 12:0 a.m., 12 views

WP FEvents Book <= 0.46 - Subscriber+ Arbitrary Booking Manipulation via IDOR

The plugin does not ensure that bookings to be updated belong to the user making the request, allowing any authenticated user to book, add notes, or cancel bookings on behalf of other users. PoC 1. Book or cancel booking an event using an authenticated user. 2. Intercept the request using an HTTP...

CVSS 6.5, AI score 6.7, EPSS 0.00195
Exploits 2, Affected Software 1
Zero Day Initiative
added 2009/06/08 12:0 a.m., 35 views

Apple WebKit attr() Invalid Attribute Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of attr functions in a CSS content...

CVSS 9.3, AI score 2.2, EPSS 0.07775
Exploits 2, References 1
Prion
added 2007/03/03 7:19 p.m., 12 views

Design/Logic Flaw

sitex allows remote attackers to obtain sensitive information via a request with a numerical value for the (1) sxMonth or (2) sxYear parameter to calendar.php, or the (3) page parameter to calendar_events.php, which reveals the path in various error messages...

CVSS 6.4, AI score 6.7, EPSS 0.00392
Exploits 0, References 4
CVE
added 2007/03/03 7:0 p.m., 48 views

CVE-2007-1236

CVE-2007-1236 affects sitex applications and concerns information disclosure through error messages produced by calendar.php (parameters sxMonth[] or sxYear[]) and calendar_events.php (parameter page[]). An attacker can craft requests with numerical values that cause error responses revealing the...

CVSS 6.4, AI score 6.2, EPSS 0.00392
Exploits 0, References 4, Affected Software 1