7 matches found

OSV
added 2026/02/16 6:19 p.m. · 0 views

CVE-2019-25394

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple stored cross-site scripting vulnerabilities in the modem.cgi script that allow attackers to inject malicious scripts through POST parameters. Attackers can submit crafted payloads in parameters like INIT, HANGUP, SPEAKERON,...

6.1 CVSS · 5.9 AI score · 0.00042 EPSS
Exploits: 1 · References: 3

Vulnrichment
added 2026/01/28 11:52 a.m. · 2 views

CVE-2025-59892 Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server

Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due to the lack of...

8.5 CVSS · 6 AI score · 0.00034 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2026/01/10 5:41 a.m. · 6 views

CVE-2025-67810

In Area9 Rhapsode 1.47.3, an authenticated attacker can exploit the operation, url, and filename parameters via POST request to read arbitrary files from the server filesystem. Fixed in 1.47.4 7254 and further versions...

6.5 CVSS · 6.8 AI score · 0.00019 EPSS
Exploits: 0 · References: 1

NVD
added 2025/12/26 4:15 p.m. · 1 views

CVE-2025-67015

Incorrect access control in Comtech EF Data CDM-625 / CDM-625A Advanced Satellite Modem with firmware v2.5.1 allows attackers to change the Administrator password and escalate privileges via sending a crafted POST request to /Forms/adminaccess1...

7.5 CVSS · 0.00017 EPSS
Exploits: 1 · References: 2

Github Security Blog
added 2025/12/02 12:36 a.m. · 5 views

Grav has Broken Access Control which allows an Editor to modify the page's YAML Frontmatter to alter form processing actions

Summary: Due to a broken access control vulnerability in the /admin/pages/pagename endpoint, an editor user with full permissions to pages can change the functionality of a form after submission. Details: Due to improper authorization checks when modifying critical fields on a POST request to...

9.6 CVSS · 6.8 AI score · 0.29124 EPSS
Exploits: 4 · References: 3 · Affected Software: 1

Positive Technologies
added 2024/03/28 12:00 a.m. · 1 views

PT-2024-2458 · Tenda · Tenda F1203

Name of the Vulnerable Software and Affected Versions: Tenda FH1203 version 2.0.1.6. Description: The issue is related to a stack overflow vulnerability in the addWifiMacFilter function, specifically with the deviceMac parameter. This vulnerability can be exploited through a specially crafted POST...

9 CVSS · 7.5 AI score · 0.00243 EPSS
Exploits: 1 · References: 6

CNVD
added 2016/08/30 12:00 a.m. · 2 views

File Download Vulnerability in New Windward Technology's Online Learning Test System

New Windward Technology Online Learning Exam System is built on an enterprise-level database platform with a three-tier, B/S-mode architecture and can be used for online training and examinations. The product has an arbitrary file download vulnerability,...

7.1 AI score
Exploits: 0 · References: 1