Lucene search

9 matches found

NVD
added 2025/08/21 4:15 p.m., 4 views

CVE-2025-55420

A Reflected Cross-Site Scripting (XSS) vulnerability was found in /index.php in FoxCMS v1.2.6. When a crafted script is sent via a GET request, it is reflected unsanitized into the HTML response. This permits execution of arbitrary JavaScript code when a logged-in user submits the malicious input...

CVSS 8.8 | EPSS 0.0046
Exploits: 1 | References: 1

CVE
added 2025/08/21 12:00 a.m., 16 views

CVE-2025-55420

FoxCMS v1.2.6 is affected by a Reflected XSS in the /index.php endpoint. The issue stems from unsanitized reflection of a crafted script via a GET request, enabling execution of arbitrary JavaScript when a logged-in user submits the malicious input. CVSSv3.1 base score 8.8 (HIGH) with NETWORK att...

CVSS 8.8 | AI score 6.1 | EPSS 0.0046
Exploits: 1 | References: 1 | Affected Software: 1

RedhatCVE
added 2025/05/22 3:28 p.m., 6 views

CVE-2020-28070

SourceCodester Alumni Management System 1.0 is affected by SQL injection causing arbitrary remote code execution from GET input in viewevent.php via the 'id' parameter...

CVSS 9.8 | AI score 8.8 | EPSS 0.22898
Exploits: 2

Positive Technologies
added 2022/01/01 12:00 a.m., 4 views

PT-2025-8251

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue is related to an infinite loop in the f2fs file system, which can occur when flushing node pages. This loop can be triggered by xfstests/generic/475, resulting in an EIO error...

CVSS 5.5 | AI score 5.9 | EPSS 0.00209
Exploits: 0 | References: 15

Cvelist
added 2019/11/21 3:26 p.m., 14 views

CVE-2018-8879

Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. Vulnerable parameters ar...

AI score 10 | EPSS 0.17188
Exploits: 1 | References: 2

BDU FSTEC
added 2016/04/14 12:00 a.m., 2 views

The vulnerability of the Debian GNU/Linux operating system, which allows a hacker to read arbitrary files

The vulnerability of the wiki.c function in DidiWiki’s kernel is related to deficiencies in pathname restrictions for the catalog. Exploiting this vulnerability could allow a malicious actor to read arbitrary files through the api/page/get parameter...

CVSS 5 | AI score 7.3 | EPSS 0.03534
Exploits: 0 | References: 9 | Affected Software: 1

OSV
added 2016/02/23 7:59 p.m., 0 views

UBUNTU-CVE-2013-7448

Directory traversal vulnerability in wiki.c in didiwiki allows remote attackers to read arbitrary files via the page parameter to api/page/get...

CVSS 7.5 | AI score 7.2 | EPSS 0.03534
Exploits: 0 | References: 4

Cvelist
added 2016/02/23 7:00 p.m., 25 views

CVE-2013-7448

Directory traversal vulnerability in wiki.c in didiwiki allows remote attackers to read arbitrary files via the page parameter to api/page/get...

AI score 7.3 | EPSS 0.03534
Exploits: 0 | References: 7

CVE
added 2016/02/23 7:00 p.m., 62 views

CVE-2013-7448

CVE-2013-7448 concerns a path traversal in DidiWiki’s wiki.c, where the file-writer path in the API endpoint api/page/get fails to validate the page parameter, enabling remote attackers to read arbitrary files. Multiple connected sources reiterate the same vulnerability across various advisories ...

CVSS 7.5 | AI score 7.3 | EPSS 0.03534
Exploits: 0 | References: 7 | Affected Software: 1