Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

40974 matches found

ATTACKERKB
ATTACKERKBadded 2026/04/26 1:15 a.m.2 views

CVE-2026-7012

A vulnerability was detected in MaxSite CMS up to 109.3. This affects an unknown part of the component Redirect Plugin. The manipulation of the argument fall/fall404 results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used. Upgrading to versi...

4.8CVSS3.9AI score0.00291EPSS
Exploits0References7Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/26 1:15 a.m.5 views

CVE-2026-7012 MaxSite CMS Redirect Plugin cross site scripting

A vulnerability was detected in MaxSite CMS up to 109.3. This affects an unknown part of the component Redirect Plugin. The manipulation of the argument fall/fall404 results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used. Upgrading to versi...

4.8CVSS3.3AI score0.00291EPSS
Exploits0References7
CVE
CVEadded 2026/04/26 1:15 a.m.11 views

CVE-2026-7012

MaxSite CMS (up to 109.3) is affected in the Redirect Plugin, where manipulation of the f_all/f_all404 argument enables cross-site scripting. The vulnerability is exploitable remotely and, per sources, the exploit is public. Upgrading to version 109.4 mitigates the issue; the patch is identified ...

4.8CVSS3.3AI score0.00291EPSS
Exploits0References7
ATTACKERKB
ATTACKERKBadded 2026/04/26 12:30 a.m.3 views

CVE-2026-7011

A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an unknown functionality of the file /admin/pluginantispam of the component Antispam Plugin. Executing a manipulation of the argument floggingfile can lead to cross site scripting. It is possible to launc...

4.8CVSS3.9AI score0.00269EPSS
Exploits0References7Affected Software1
EUVD
EUVDadded 2026/04/26 12:30 a.m.5 views

EUVD-2026-25685

A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an unknown functionality of the file /admin/pluginantispam of the component Antispam Plugin. Executing a manipulation of the argument floggingfile can lead to cross site scripting. It is possible to launc...

4.8CVSS3.2AI score0.00269EPSS
Exploits0References7
Cvelist
Cvelistadded 2026/04/26 12:30 a.m.26 views

CVE-2026-7011 MaxSite CMS Antispam Plugin plugin_antispam cross site scripting

A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an unknown functionality of the file /admin/pluginantispam of the component Antispam Plugin. Executing a manipulation of the argument floggingfile can lead to cross site scripting. It is possible to launc...

4.8CVSS0.00269EPSS
Exploits0References7
Vulnrichment
Vulnrichmentadded 2026/04/26 12:30 a.m.4 views

CVE-2026-7011 MaxSite CMS Antispam Plugin plugin_antispam cross site scripting

A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an unknown functionality of the file /admin/pluginantispam of the component Antispam Plugin. Executing a manipulation of the argument floggingfile can lead to cross site scripting. It is possible to launc...

4.8CVSS3.2AI score0.00269EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2026/04/26 12:0 a.m.5 views

PT-2026-35238

A vulnerability was found in 666ghj MiroFish up to 0.1.2. This affects the function get simulation posts of the file backend/app/api/simulation.py of the component Query Parameter Handler. Performing a manipulation of the argument Platform results in path traversal. The attack can be initiated...

6.9CVSS5.1AI score0.0044EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/04/26 12:0 a.m.4 views

PT-2026-35224

A flaw has been found in 666ghj MiroFish up to 0.1.2. This affects the function create app of the file backend/app/ init .py of the component REST API Endpoint. Executing a manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has been publishe...

7.5CVSS5.1AI score0.00383EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/04/26 12:0 a.m.3 views

PT-2026-35194

A security vulnerability has been detected in MaxSite CMS up to 109.3. Affected by this issue is some unknown functionality of the component mail send Plugin. The manipulation of the argument f subject/f files/f from leads to cross site scripting. The attack can be initiated remotely. The exploit...

4.8CVSS3.7AI score0.00215EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2026/04/26 12:0 a.m.6 views

PT-2026-35233

A security vulnerability has been detected in Tenda F456 1.0.0.5. This issue affects the function fromVirtualSer of the file /goform/VirtualSer of the component httpd. The manipulation of the argument menufacturer/Go leads to buffer overflow. The attack is possible to be carried out remotely. The...

9CVSS8.7AI score0.0065EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2026/04/26 12:0 a.m.2 views

PT-2026-35216

A vulnerability has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function fromSafeClientFilter of the file /goform/SafeClientFilter. Such manipulation of the argument menufacturer/Go leads to buffer overflow. The attack can be launched remotely. The exploit has been...

9CVSS6.1AI score0.00746EPSS
Exploits1References6
Positive Technologies
Positive Technologiesadded 2026/04/26 12:0 a.m.3 views

PT-2026-35234

A vulnerability was detected in Tenda F456 1.0.0.5. Impacted is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter of the component httpd. The manipulation of the argument page results in buffer overflow. The attack may be performed from remote. The exploit is now public and may be...

9CVSS5.7AI score0.00622EPSS
Exploits1References6
Positive Technologies
Positive Technologiesadded 2026/04/26 12:0 a.m.5 views

PT-2026-35207

A vulnerability was determined in D-Link DGS-3420 1.50.018. This issue affects some unknown processing of the component System Information Settings Page. This manipulation of the argument System Name causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been...

6.8CVSS3.7AI score0.00556EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/04/26 12:0 a.m.4 views

PT-2026-35208

A vulnerability was identified in D-Link DSL-2740R EU 01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wireless Network Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly available and...

4.8CVSS3AI score0.00433EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/04/26 12:0 a.m.3 views

PT-2026-35195

A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the component down count Plugin. This manipulation of the argument f file/f prefix causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used...

4.8CVSS3.9AI score0.00269EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2026/04/26 12:0 a.m.7 views

PT-2026-35269

Name of the Vulnerable Software and Affected Versions Intina47 context-sync versions prior to 2.0.0 Description A flaw in the Git Integration component, specifically within the src/git-integration.ts file, allows for remote OS command injection. This occurs when an attacker sends specially crafte...

7.5CVSS7.2AI score0.01368EPSS
Exploits0References10
Positive Technologies
Positive Technologiesadded 2026/04/26 12:0 a.m.4 views

PT-2026-35215

A flaw has been found in Tenda F456 1.0.0.5. Affected is the function SafeEmailFilter of the file /goform/SafeEmailFilter. This manipulation of the argument page causes buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used...

9CVSS5.9AI score0.00632EPSS
Exploits1References6
Positive Technologies
Positive Technologiesadded 2026/04/26 12:0 a.m.3 views

PT-2026-35214

A vulnerability was detected in Tenda F456 1.0.0.5. This impacts the function fromSafeMacFilter of the file /goform/SafeMacFilter. The manipulation of the argument page results in buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used...

9CVSS5.9AI score0.00655EPSS
Exploits1References6
Positive Technologies
Positive Technologiesadded 2026/04/26 12:0 a.m.3 views

PT-2026-35218

A vulnerability was determined in Tenda FH1202 1.2.0.14. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. Executing a manipulation of the argument Go can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has be...

9CVSS8.9AI score0.00619EPSS
Exploits1References6
Rows per page
Query Builder