Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2026/05/08 8:21 p.m.5 views

CVE-2026-41930

Vvveb before version 1.0.8.2 contains a hard-coded credentials vulnerability in its docker-compose-apache.yaml configuration that allows unauthenticated attackers to access the bundled phpMyAdmin container with pre-configured database credentials. Attackers can connect to the phpMyAdmin port to...

9.8CVSS5.8AI score0.00074EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/05/06 12:0 a.m.4 views

Vvveb 访问控制错误漏洞

Vvveb is a powerful and easy-to-use CMS developed by Givan’s individual developers. It is used to build websites, blogs, or e-commerce stores. Versions of Vvveb prior to 1.0.8.2 contained an access control vulnerability. This vulnerability stemmed from hard-coded credentials in the...

9.8CVSS5.8AI score0.00074EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/05/06 12:0 a.m.6 views

PT-2026-38219

Name of the Vulnerable Software and Affected Versions Vvveb versions prior to 1.0.8.2 Description A hard-coded credentials issue exists in the docker-compose-apache.yaml configuration. This allows unauthenticated attackers to access the bundled phpMyAdmin container using pre-configured database...

9.8CVSS5.8AI score0.00074EPSS
Exploits0References12
RedhatCVE
RedhatCVEadded 2025/05/22 5:20 a.m.3 views

CVE-2019-15235

CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.864 allows an attacker to get a victim's session file name from /home/USERNAME/tmp/session/sessxxxxxx, and the victim's token value from /usr/local/cwpsrv/logs/accesslog, then use them to gain access to the victim's password for the OS and...

6.5CVSS6.8AI score0.00398EPSS
Exploits4References1
OSV
OSVadded 2019/12/17 4:15 p.m.1 views

CVE-2019-14782

CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.856 through 0.9.8.864 allows an attacker to get a victim's session file name from the /tmp directory, and the victim's token value from /usr/local/cwpsrv/logs/accesslog, then use them to make a request to extract the victim's password for the OS...

6.5CVSS6.6AI score0.00398EPSS
Exploits3References2
Positive Technologies
Positive Technologiesadded 2019/12/17 12:0 a.m.1 views

PT-2019-14030 · Centos · Centos Web Panel

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version 0.9.8.864 Description: The issue allows an attacker to obtain a victim's session file name from /home/USERNAME/tmp/session/sess xxxxxx and the victim's token value from /usr/local/cwpsrv/logs/access log. With this...

6.5CVSS6.6AI score0.00398EPSS
Exploits3References4
Positive Technologies
Positive Technologiesadded 2019/09/10 12:0 a.m.1 views

PT-2019-13802 · Php +1 · Phpmyadmin +1

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version 0.9.8.851 Description: The issue allows an attacker to remove a target user from phpMyAdmin via an attacker account due to an insecure object reference. Recommendations: For version 0.9.8.851, consider restricting...

6.5CVSS6.4AI score0.00621EPSS
Exploits2References4
0day.today
0day.todayadded 2019/09/09 12:0 a.m.66 views

WordPress 5.2.3 - Cross-Site Host Modification Exploit

Exploit for php platform in category web applications !/usr/bin/perl -w Wordpress Type: Remote Risk: High Solution: Set security headers to web server and no-cache for Cache-Control Simple Attack Scenarios: o This attack can bypass Simple WAF to access restricted content on the web server,...

7.1AI score
Exploits0
Rows per page
Query Builder