9 matches found
EUVD-2015-5032
Malware in sbrugna...
CVE-2023-45367
An issue was discovered in the CheckUser extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. A user can use a rest.php/checkuser/v0/useragent-clienthints/revision/ URL to store an arbitrary number of rows in cuuseragentclienthints, leading to a...
MediaWiki Security Breach
MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. MediaWiki suffers from a security vulnerability that stems from a CheckUser extension user can...
Wordpress Plugin MStore API 2.0.6 - Arbitrary File Upload
Exploit Title: Wordpress Plugin MStore API 2.0.6 - Arbitrary File Upload Google Dork: inurl:/wp-content/plugins/mstore-api/ Date: 22/09/2021 Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugins/mstore-api/ Version: 2.0.6, possibly higher Tested on: Ubuntu 20.04.1 import os.path...
On error at /rest/ stack-trace is publicly visible
Summary: On Confluence server 6.12.2, requesting a wrong REST URL, /rest/cql/contenttypes?category=test, we see the full stack trace. We can see the same at https://confluence.atlassian.com/rest/cql/contenttypes?category=test On production, a regular user should not see the stack-trace when an err...
CVE-2015-5015
IBM WebSphere Commerce Enterprise 7.0.0.9 and 8.x before Feature Pack 8 allows remote attackers to obtain sensitive information via a crafted REST URL...
Information disclosure
IBM WebSphere Commerce Enterprise 7.0.0.9 and 8.x before Feature Pack 8 allows remote attackers to obtain sensitive information via a crafted REST URL...
CVE-2015-5015
CVE-2015-5015 affects IBM WebSphere Commerce Enterprise 7.0.0.9 and 8.x prior to Feature Pack 8. A remote attacker can obtain sensitive information via a crafted REST URL, indicating an information-disclosure vulnerability in the REST API surface. The root cause is an improper handling of REST UR...
CVE-2011-4727
The Server Administration Panel in Parallels Plesk Panel 10.2.0build1011110331.18 does not properly validate string data that is intended for storage in an XML document, which allows remote attackers to cause a denial of service parsing error or possibly have unspecified other impact via a crafte...