Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1624 matches found

RedhatCVE
RedhatCVEadded yesterday3 views

CVE-2026-7143

A vulnerability was identified in 1000 Projects Portfolio Management System MCA up to 1.0. This affects an unknown function of the file /admin/blockstatus.php. The manipulation of the argument q leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and...

6.5CVSS6.5AI score0.00036EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded yesterday2 views

CVE-2026-7144

A security flaw has been discovered in 1000 Projects Portfolio Management System MCA 1.0. This impacts an unknown function of the file updatepasswdprocess.php. The manipulation of the argument tempuser results in authorization bypass. The attack can be launched remotely. The exploit has been...

5.3CVSS5.2AI score0.00035EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded yesterday1 views

CVE-2025-14042

The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Project Details' custom field in Portfolio Items in all versions up to, and including, 13.4.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS5.7AI score0.00026EPSS
Exploits0References1
Nuclei
Nucleiadded yesterday8 views

WP Projects Portfolio <= 3.0 - Cross-Site Scripting

WP Projects Portfolio with Client Testimonials WordPress plugin = 3.0 contains a reflected cross-site scripting caused by unsanitized parameter output, letting attackers execute scripts in the context of high privilege users, exploit requires attacker to craft a malicious URL. id: CVE-2024-13114...

6.1CVSS7.6AI score0.02069EPSS
Exploits1References2
Nuclei
Nucleiadded 2 days ago23 views

Joomla! Portfolio Nexus - Remote File Inclusion

Joomla! Portfolio Nexus 1.5 contains a remote file inclusion vulnerability in the inertialFATE iF comifnexus component that allows remote attackers to include and execute arbitrary local files via a .. dot dot in the controller parameter to index.php. id: CVE-2009-4679 info: name: Joomla! Portfol...

7.5CVSS6.1AI score0.06322EPSS
Exploits1References4
NVD
NVDadded 2026/05/29 7:16 a.m.13 views

CVE-2025-14042

The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Project Details' custom field in Portfolio Items in all versions up to, and including, 13.4.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS0.00026EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/05/29 5:32 a.m.6 views

CVE-2025-14042 Automotive Car Dealership Business WordPress Theme <= 13.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Portfolio Project Details

The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Project Details' custom field in Portfolio Items in all versions up to, and including, 13.4.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS6AI score0.00026EPSS
Exploits0References2
CVE
CVEadded 2026/05/29 5:32 a.m.11 views

CVE-2025-14042

The CVE concerns the WordPress theme “Automotive Car Dealership Business” (versions

6.4CVSS6AI score0.00026EPSS
Exploits0References2
EUVD
EUVDadded 2026/05/29 5:32 a.m.11 views

EUVD-2025-209982

The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Project Details' custom field in Portfolio Items in all versions up to, and including, 13.4.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS6AI score0.00026EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/05/29 5:32 a.m.6 views

CVE-2025-14042

The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Project Details' custom field in Portfolio Items in all versions up to, and including, 13.4.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS6AI score0.00026EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/05/29 5:32 a.m.33 views

CVE-2025-14042 Automotive Car Dealership Business WordPress Theme <= 13.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Portfolio Project Details

The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Project Details' custom field in Portfolio Items in all versions up to, and including, 13.4.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS0.00026EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/05/29 12:0 a.m.10 views

PT-2026-44750

The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Project Details' custom field in Portfolio Items in all versions up to, and including, 13.4.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS6AI score0.00026EPSS
Exploits0References3
NVD
NVDadded 2026/05/25 3:16 p.m.10 views

CVE-2018-25381

Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through multiple filter parameters. Attackers can inject malicious SQL code via the filtertypeid, filterpidid, and filtersearch parameters in POST reques...

7.1CVSS0.00029EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/25 2:15 p.m.9 views

CVE-2018-25381

Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through multiple filter parameters. Attackers can inject malicious SQL code via the filtertypeid, filterpidid, and filtersearch parameters in POST reques...

7.1CVSS6.1AI score0.00029EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2026/05/25 2:15 p.m.18 views

CVE-2018-25381 Joomla Responsive Portfolio 1.6.1 SQL Injection via filter parameters

Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through multiple filter parameters. Attackers can inject malicious SQL code via the filtertypeid, filterpidid, and filtersearch parameters in POST reques...

7.1CVSS0.00029EPSS
Exploits0References4
CVE
CVEadded 2026/05/25 2:15 p.m.13 views

CVE-2018-25381

Joomla Responsive Portfolio 1.6.1 is affected by an SQL injection via POST parameters filter_type_id, filter_pid_id, and filter_search. The vulnerability allows authenticated attackers to execute arbitrary SQL commands and potentially extract credentials and server details. Reported CVSS v4.0/bas...

7.1CVSS6.1AI score0.00029EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/25 2:15 p.m.7 views

EUVD-2018-21903

Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through multiple filter parameters. Attackers can inject malicious SQL code via the filtertypeid, filterpidid, and filtersearch parameters in POST reques...

7.1CVSS6.1AI score0.00029EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/05/25 12:0 a.m.7 views

PT-2026-43233

Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through multiple filter parameters. Attackers can inject malicious SQL code via the filter type id, filter pid id, and filter search parameters in POST...

7.1CVSS6.1AI score0.00029EPSS
Exploits0References5
CNNVD
CNNVDadded 2026/05/25 12:0 a.m.7 views

Joomla! Responsive Portfolio SQL注入漏洞

Joomla! Responsive Portfolio is a Joomla! open source Joomla website portfolio extension. A SQL injection vulnerability exists in Joomla! Responsive Portfolio version 1.6.1, which stems from SQL injection of multiple filter parameters, which could lead to an authenticated attacker injecting...

7.1CVSS5.9AI score0.00029EPSS
Exploits0References4
GithubExploit
GithubExploitadded 2026/05/14 1:15 p.m.52 views

portofolio_DWForSec

DwF — Cybersecurity Portfolio A professional cybersecurity po...

5.7AI score
Exploits0
Rows per page
Query Builder