
8 matches found

EUVD | added 2025/10/03 8:7 p.m. | 3 views

EUVD-2022-24967

Malicious code in bioql PyPI...

CVSS 9 | AI score 7.1 | EPSS 0.00292
Exploits: 1 | References: 2

Veracode | added 2024/07/18 6:15 a.m. | 11 views

Template Injection

github.com/requarks/wiki is vulnerable to Template injection. The vulnerability is due to improper sanitization of user inputs, allowing attackers to inject malicious JavaScript into the content section of pages. Attackers can exploit this by inserting an invalid HTML tag with a template injectio...

CVSS 7.1 | AI score 7 | EPSS 0.00234
Exploits: 0 | References: 2 | Affected Software: 1

CVE | added 2022/05/12 7:45 a.m. | 81 views

CVE-2022-1681

CVE-2022-1681 affects Wiki.js (Requarks) prior to version 2.5.281. The vulnerability is an authentication bypass via an alternate path or channel that could allow an attacker to gain root-equivalent permissions on the system. The issue arises in Wiki.js and is documented across multiple sources (...

CVSS 9 | AI score 7.1 | EPSS 0.00292
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist | added 2022/05/12 7:45 a.m. | 13 views

CVE-2022-1681 Authentication Bypass Using an Alternate Path or Channel in requarks/wiki

Authentication Bypass Using an Alternate Path or Channel in GitHub repository requarks/wiki prior to 2.5.281. User can get root user permissions...

CVSS 7.2 | AI score 7.3 | EPSS 0.00292
Exploits: 1 | References: 2

Vulnrichment | added 2022/02/22 8:5 p.m. | 3 views

CVE-2022-23654 Improper write access check in Requarks/wiki

Wiki.js is a wiki app built on Node.js. In affected versions an authenticated user with write access on a restricted set of paths can update a page outside the allowed paths by specifying a different target page ID while keeping the path intact. The access control incorrectly checks the path acces...

CVSS 8.1 | AI score 8 | EPSS 0.00236
Exploits: 0 | References: 2

Cvelist | added 2022/02/22 8:5 p.m. | 12 views

CVE-2022-23654 Improper write access check in Requarks/wiki

Wiki.js is a wiki app built on Node.js. In affected versions an authenticated user with write access on a restricted set of paths can update a page outside the allowed paths by specifying a different target page ID while keeping the path intact. The access control incorrectly checks the path acces...

CVSS 8.1 | AI score 8.2 | EPSS 0.00236
Exploits: 0 | References: 2

Huntr | added 2022/01/24 4:2 p.m. | 14 views

Cross-Site Request Forgery (CSRF) in requarks/wiki

Note: Not a vulnerability in ExpressJS. Description: Fix can be bypassed. Express treats routes as case insensitive while req.path is case sensitive. The fix in the previous report was to check if req.path === "/u"...

AI score 0.2
Exploits: 0

Cvelist | added 2021/12/27 6:5 p.m. | 11 views

CVE-2021-43855 Stored XSS via SVG in Requarks/wiki

Wiki.js is a wiki app built on node.js. Wiki.js 2.5.263 and earlier is vulnerable to stored cross-site scripting through an SVG file upload made via a custom request with a fake MIME type. By creating a crafted SVG file, a malicious Wiki.js user may stage a stored cross-site scripting attack. This...

CVSS 8.2 | AI score 7.9 | EPSS 0.00361
Exploits: 1 | References: 3