Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

OSV
OSVadded 2024/07/15 9:15 a.m.3 views

CVE-2024-6398

An information disclosure vulnerability in SWG in versions 12.x prior to 12.2.10 and 11.x prior to 11.2.24 allows information stored in a customizable block page to be disclosed to third-party websites due to Same Origin Policy Bypass of browsers in certain scenarios. The risk is low, because oth...

5.3CVSS5.8AI score0.00071EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2024/06/19 12:0 a.m.15 views

JVN#60331535: WordPress plugin "SiteGuard WP Plugin" may leak the customized path to the login page

WordPress plugin "SiteGuard WP Plugin" provided by EG Secure Solutions Inc. provides a functionality to customize the path to the login page wp-login.php. The plugin implements a measure to avoid redirection from other URLs, but missed to implement a measure to avoid redirection from...

5.3CVSS5.4AI score0.05198EPSS
Exploits0
SUSE CVE
SUSE CVEadded 2023/02/15 5:30 a.m.3 views

SUSE CVE-2014-1561

Mozilla Firefox before 31.0 does not properly restrict use of drag-and-drop events to spoof customization events, which allows remote attackers to alter the placement of UI icons via crafted JavaScript code that is encountered during 1 page, 2 panel, or 3 toolbar customization...

5.8CVSS8.8AI score0.00752EPSS
Exploits0References6
CISA KEV Catalog
CISA KEV Catalogadded 2021/11/03 12:0 a.m.15 views

Zoho ManageEngine ServiceDesk Plus (SDP) File Upload Vulnerability

Zoho ManageEngine ServiceDesk Plus SDP contains an unspecified vulnerability that allows remote users to upload files via login page customization...

7.5CVSS6.4AI score0.87518EPSS
In wildExploits5
VulnCheck KEV
VulnCheck KEVadded 2020/12/23 12:0 a.m.3 views

VulnCheck KEV: CVE-2019-8394

Zoho ManageEngine ServiceDesk Plus SDP contains an unspecified vulnerability that allows remote users to upload files via login page customization...

7.5CVSS6.8AI score0.87518EPSS
Exploits5References1
OSV
OSVadded 2019/02/17 4:29 a.m.2 views

CVE-2019-8394

Zoho ManageEngine ServiceDesk Plus SDP before 10.0 build 10012 allows remote attackers to upload arbitrary files via login page customization...

6.5CVSS6.9AI score0.87518EPSS
Exploits5References4
Prion
Prionadded 2019/02/17 4:29 a.m.20 views

Design/Logic Flaw

Zoho ManageEngine ServiceDesk Plus SDP before 10.0 build 10012 allows remote attackers to upload arbitrary files via login page customization...

4CVSS6.5AI score0.87518EPSS
Exploits5References3Affected Software1
NVD
NVDadded 2019/02/17 4:29 a.m.13 views

CVE-2019-8394

Zoho ManageEngine ServiceDesk Plus SDP before 10.0 build 10012 allows remote attackers to upload arbitrary files via login page customization...

7.5CVSS6.5AI score0.87518EPSS
Exploits5References4
Cvelist
Cvelistadded 2019/02/17 4:0 a.m.17 views

CVE-2019-8394

Zoho ManageEngine ServiceDesk Plus SDP before 10.0 build 10012 allows remote attackers to upload arbitrary files via login page customization...

6.5AI score0.87518EPSS
Exploits5References3
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2013/09/10 4:56 a.m.2 views

Cybozu Office vulnerable to cross-site scripting

Overview Cybozu Office is a groupware. Cybozu Office contains a cross-site scripting vulnerability in the function to customize the top page. Motoki Nishio of VALTES CO.,LTD. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

4.3CVSS5.9AI score0.00296EPSS
Exploits0References5
Rows per page
Query Builder