Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

Vulnrichment
Vulnrichmentadded 2024/10/24 12:0 a.m.7 views

CVE-2024-45262

An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. The params parameter in the call method of the /rpc endpoint is vulnerable to arbitrary directory traversal, which enables attackers to execute scripts under any path...

7.3AI score0.00132EPSS
Exploits1References1
NVD
NVDadded 2024/10/09 4:15 a.m.9 views

CVE-2024-25283

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage...

Exploits1
CVE
CVEadded 2024/10/09 12:0 a.m.51 views

CVE-2024-25282

Redsys 3DSecure 2.0 (3DS Method Authentication) is reported vulnerable to Cross‑Site Scripting (XSS) via a modified params parameter in a /rest/online request with a /redirect?action=challenge&txn=... path. Root cause: insufficient sanitization/validation of the params field, which is base64-enco...

6.1AI score
Exploits1
Vulnrichment
Vulnrichmentadded 2024/10/09 12:0 a.m.9 views

CVE-2024-25282

3DSecure 2.0 allows XSS in its 3DSMethod Authentication via a modified params parameter in a /rest/online request with a /redirect?action=challenge&txn= substring...

5.3AI score
Exploits1References2
Prion
Prionadded 2019/03/06 4:29 p.m.12 views

Cross site scripting

AppCMS 2.0.101 allows XSS via the upload/callback.php params parameter...

4.3CVSS6AI score0.0024EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2014/04/15 10:0 a.m.15 views

CVE-2014-0359

Xangati XSR before 11 and XNR before 7 allows remote attackers to execute arbitrary commands via shell metacharacters in a guiinputtest.pl params parameter to servlet/Installer...

7.6AI score0.01139EPSS
Exploits0References1
NVD
NVDadded 2008/07/09 12:41 a.m.8 views

CVE-2008-3082

Cross-site scripting XSS vulnerability in UPM/English/login/login.asp in Commtouch Enterprise Anti-Spam Gateway 4 and 5 allows remote attackers to inject arbitrary web script or HTML via the PARAMS parameter...

4.3CVSS5.7AI score0.00329EPSS
Exploits0References5
Prion
Prionadded 2008/07/09 12:41 a.m.9 views

Cross site scripting

Cross-site scripting XSS vulnerability in UPM/English/login/login.asp in Commtouch Enterprise Anti-Spam Gateway 4 and 5 allows remote attackers to inject arbitrary web script or HTML via the PARAMS parameter...

4.3CVSS6.2AI score0.00329EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2008/07/09 12:0 a.m.12 views

CVE-2008-3082

Cross-site scripting XSS vulnerability in UPM/English/login/login.asp in Commtouch Enterprise Anti-Spam Gateway 4 and 5 allows remote attackers to inject arbitrary web script or HTML via the PARAMS parameter...

5.7AI score0.00329EPSS
Exploits0References5
Cvelist
Cvelistadded 2007/07/06 7:0 p.m.16 views

CVE-2007-3613

Cross-site scripting XSS vulnerability in ADM:GETLOGFILE in SAP Internet Graphics Service IGS allows remote attackers to inject arbitrary web script or HTML via the PARAMS parameter...

5.7AI score0.12811EPSS
Exploits1References9
Rows per page
Query Builder