
8 matches found

NVD
added 2026/04/06 10:16 a.m. | 2 views

CVE-2026-5644

A security flaw has been discovered in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. Affected is an unknown function of the file /admin/Add%20notice/batch-notice.php. Performing a manipulation of the argument $_SERVER['PHP_SELF'] results in cross site scripting...

CVSS 4.8 | EPSS 0.00035
Exploits: 0 | References: 5

Cvelist
added 2025/10/24 10:9 a.m. | 4 views

CVE-2025-5605 Authentication Bypass via URI Manipulation in Multiple WSO2 Products' Management Console Leading to Partial Information Disclosure

An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure. The known...

CVSS 4.3 | EPSS 0.06206
Exploits: 0 | References: 1

Positive Technologies
added 2025/09/08 12:0 a.m. | 6 views

PT-2025-43996

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 11.0.0-M1 through 11.0.10; Apache Tomcat versions 10.1.0-M1 through 10.1.44; Apache Tomcat versions 9.0.0.M11 through 9.0.108; Apache Tomcat versions 8.5.6 through 8.5.100. Description: A relative path traversal flaw exists i...

CVSS 10 | AI score 8 | EPSS 0.944
Exploits: 104 | References: 188

AlpineLinux
added 2025/06/05 12:0 a.m. | 9 views

CVE-2025-48432

An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially manipulate log output via crafted URLs. This may lead to log injection or forgery when logs are...

CVSS 5.3 | AI score 4.9 | EPSS 0.00411
Exploits: 0

Vulnrichment
added 2025/06/05 12:0 a.m. | 4 views

CVE-2025-48432

An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially manipulate log output via crafted URLs. This may lead to log injection or forgery when logs are...

CVSS 4 | AI score 4.7 | EPSS 0.00411
Exploits: 0 | References: 4

Github Security Blog
added 2023/09/13 4:32 p.m. | 36 views

Strapi Improper Rate Limiting vulnerability

Summary: There is a rate limit on the login function of Strapi's admin screen, but it is possible to circumvent it. 2. Details: It is possible to avoid this by modifying the rate-limited request path as follows. 1. Manipulating request paths to upper or lower case. Pattern 1 - In this case,...

CVSS 9.8 | AI score 6.6 | EPSS 0.00255
Exploits: 1 | References: 5 | Affected Software: 2

OSV
added 2021/04/14 8:4 p.m. | 22 views

GO-2020-0001 Arbitrary log line injection in github.com/gin-gonic/gin

The default Formatter for the Logger middleware LoggerConfig.Formatter, which is included in the Default engine, allows attackers to inject arbitrary log entries by manipulating the request path...

CVSS 7.5 | AI score 7.5 | EPSS 0.00475
Exploits: 1 | References: 2

OSV
added 2020/12/17 9:15 p.m. | 0 views

CVE-2020-8463

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to bypass a global authorization check for anonymous users by manipulating request paths...

CVSS 7.5 | AI score 7.1
Exploits: 0 | References: 2