
12 matches found

Positive Technologies
added 2025/10/05 12:0 a.m., 3 views

PT-2025-40801

Name of the Vulnerable Software and Affected Versions: CRMEB versions prior to 5.7. Description: A security flaw exists in CRMEB that allows for SQL injection. The issue is related to the processing of the cate id argument within the GET Parameter Handler component, specifically in the file...

CVSS 8.8 | AI score 6.6 | EPSS 0.00041
Exploits: 0 | References: 7
CNNVD
added 2025/10/05 12:0 a.m., 2 views

CRMEB Security Vulnerability

CRMEB is a Java mall system of CRMEB open source. A security vulnerability exists in CRMEB 5.6 and earlier versions, which stems from an incorrect manipulation of the parameter cateid in the file /adminapi/product/product, which could lead to a SQL injection attack...

CVSS 8.8 | AI score 6.7 | EPSS 0.00041
Exploits: 0 | References: 4
EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2023-31021

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.6 | EPSS 0.00148
Exploits: 0 | References: 3
OSSF Malicious Packages
added 2025/08/14 6:52 p.m., 3 views

Malicious code in product-api (npm)

The package product-api was found to contain malicious code...

AI score 7
Exploits: 0
OSV
added 2025/08/14 6:52 p.m., 0 views

MAL-2025-29709 Malicious code in product-api (npm)

The package product-api was found to contain malicious code...

AI score 7.2
Exploits: 0
RedhatCVE
added 2025/05/23 3:31 a.m., 4 views

CVE-2023-27243

An access control issue in Makves DCAP v3.0.0.122 allows unauthenticated attackers to obtain cleartext credentials via a crafted web request to the product API...

CVSS 7.5 | AI score 6.9 | EPSS 0.00148
Exploits: 0 | References: 1
NVD
added 2023/06/21 4:15 p.m., 6 views

CVE-2023-27243

An access control issue in Makves DCAP v3.0.0.122 allows unauthenticated attackers to obtain cleartext credentials via a crafted web request to the product API...

CVSS 7.5 | AI score 7.4 | EPSS 0.00148
Exploits: 0 | References: 3
CVE
added 2023/06/21 12:0 a.m., 31 views

CVE-2023-27243

CVE-2023-27243 concerns Makves DCAP, version 3.0.0.122, where an access-control flaw can let unauthenticated attackers retrieve cleartext credentials via a crafted request to the product API. The public description and connected documents consistently identify the root cause as improper access co...

CVSS 7.5 | AI score 7.4 | EPSS 0.00148
Exploits: 0 | References: 3 | Affected Software: 1
Cvelist
added 2023/06/21 12:0 a.m., 12 views

CVE-2023-27243

An access control issue in Makves DCAP v3.0.0.122 allows unauthenticated attackers to obtain cleartext credentials via a crafted web request to the product API...

AI score 7.6 | EPSS 0.00148
Exploits: 0 | References: 3
Exploit DB
added 2023/05/23 12:0 a.m., 193 views

LeadPro CRM v1.0 - SQL Injection

Exploit Title: LeadPro CRM v1.0 - SQL Injection
Date: 2023-05-17
Exploit Author: Ahmet Ümit BAYRAM
Vendor: https://codecanyon.net/item/leadifly-lead-call-center-crm/43485578
Demo Site: https://demo.leadifly.in
Tested on: Kali Linux
CVE: N/A
Request GET...

AI score 7.4
Exploits: 0
OSSF Malicious Packages
added 2023/04/03 4:39 a.m., 2 views

Malicious code in @12build/product-api-ts-axios-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 336e30b4abb921976acb4a16517a2a6f2ad668fafe7e41d16b63dbba221feaa4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0 | References: 1
OSV
added 2023/04/03 4:39 a.m., 8 views

MAL-2023-21 Malicious code in @12build/product-api-ts-axios-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 336e30b4abb921976acb4a16517a2a6f2ad668fafe7e41d16b63dbba221feaa4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0 | References: 1