Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

ATTACKERKB
ATTACKERKBadded 2026/03/20 5:26 p.m.1 views

CVE-2026-32844

XinLiangCoder phpapidoc through commit 1ce5bbf contains a reflected cross-site scripting vulnerability in listmethod.php that allows remote attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious code through the f parameter. Attackers can craft a malicious URL with...

6.1CVSS6AI score0.00044EPSS
Exploits0References3
CVE
CVEadded 2026/03/20 5:26 p.m.5 views

CVE-2026-32844

XinLiangCoder php_api_doc contains a reflected XSS via list_method.php (GET parameter f) after commit 1ce5bbf. Unsanitized input is echoed to the page, enabling execution of arbitrary JavaScript in victims’ browsers. Impact cited includes session hijacking, credential theft, or malware distributi...

6.1CVSS6AI score0.00044EPSS
Exploits0References2Affected Software1
CNNVD
CNNVDadded 2024/01/09 12:0 a.m.2 views

unknown-o download-station security vulnerability

unknown-o download-station is a download station. A security vulnerability exists in unknown-o download-station version 1.1.8, which stems from a path traversal caused by parameter f in file index.php...

7.5CVSS6.8AI score0.00123EPSS
Exploits0References5
CNNVD
CNNVDadded 2023/11/02 12:0 a.m.1 views

Simple Student Information System SQL Injection Vulnerability

Simple Student Information System is a web-based application platform by Carlo Montero, an individual developer. It can help a university or college to manage student information and academic records. A SQL injection vulnerability exists in Simple Student Information System version 1.0, which ste...

7.5CVSS8.1AI score0.00046EPSS
Exploits1References4
OSV
OSVadded 2022/07/22 5:15 p.m.2 views

CVE-2017-20140

A vulnerability was found in Itech Movie Portal Script 7.36. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /movie.php. The manipulation of the argument f with the input leads to basic cross site scripting Reflected. The attack may be launched...

6.1CVSS4.5AI score0.00201EPSS
Exploits1References2
CNNVD
CNNVDadded 2022/07/22 12:0 a.m.2 views

Ambit Technologies Itech Movie Portal Script SQL注入漏洞

Ambit Technologies Itech Movie Portal Script is a Movie Portal Script from Ambit Technologies, USA. An SQL injection vulnerability exists in Ambit Technologies Itech Movie Portal Script version 7.36, which stems from unknown code in movie.php, where manipulation of the parameter f can lead to SQL...

9.8CVSS8.5AI score0.00229EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2019/10/21 12:0 a.m.3 views

PT-2019-14907 · Fusionpbx · Fusionpbx

Name of the Vulnerable Software and Affected Versions: FusionPBX versions prior to 4.5.8 Description: The issue in FusionPBX allows unauthorized access to download files due to an unsanitized variable f coming from the URL in the file resourcesdownload.php. This enables an attacker to download an...

6.5CVSS6.3AI score0.00485EPSS
Exploits0References5
CNVD
CNVDadded 2017/12/15 12:0 a.m.1 views

FS IMDB Clone SQL Injection Vulnerability

FS IMDB Clone is a set of PHP-based scripts for online movie ticket booking websites. A SQL injection vulnerability exists in FS IMDB Clone version 1.0. The vulnerability can be exploited to inject SQL by sending the 'f' parameter to the movie.php file, the 's' parameter to the tvshow.php file, o...

9.8CVSS8AI score0.02377EPSS
Exploits1References1
Rows per page
Query Builder