Lucene search

7 matches found

ATTACKERKB
added 2026/03/20 10:37 p.m., 0 views

CVE-2026-32733

Halloy is an IRC application written in Rust. Prior to commit 0f77b2cfc5f822517a256ea5a4b94bad8bfe38b6, the DCC receive flow did not sanitize filenames from incoming DCC SEND requests. A remote IRC user could send a filename with path traversal sequences like ../../.ssh/authorized_keys and the fil...

CVSS 8.7, AI score 5.9, EPSS 0.00024
Exploits: 1, References: 3, Affected Software: 1
ATTACKERKB
added 2026/03/11 8:24 a.m., 6 views

CVE-2026-1454

The Responsive Contact Form Builder & Lead Generation Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0.1 via form field submissions. This is due to insufficient input sanitization in the lfbleadsanitize function which omits certain...

CVSS 7.2, AI score 5.9, EPSS 0.0013
Exploits: 0, References: 5
0day.today
added 2022/03/15 12:0 a.m., 1030 views

WordPress Core 5.9.0 / 5.9.1 Cross Site Scripting Vulnerability

Contributor+ Stored Cross Site Scripting Vulnerability Description: Contributor+ Stored XSS Affected Versions: WordPress Core 5.9.0-5.9.1 CVE ID: Pending CVSS Score: 8.0 High CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Fully Patched Version: 5.9.2 Researcher/s: Ben Bidner WordPress...

CVSS 8.8, AI score 8.8, EPSS 0.07286
Exploits: 2
Exploit DB
added 2015/02/09 12:0 a.m., 34 views

Chamilo LMS 1.9.8 - Blind SQL Injection

Exploit Title: Chamilo LMS 1.9.8 Blind SQL Injection Date: 06-12-2014 Software Link: http://www.chamilo.org/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ Category: webapps 1. Description Database::escape_string function is used to...

AI score 7.4
Exploits: 0
Check Point Advisories
added 2014/05/01 12:0 a.m., 3 views

Sophos Web Appliance SophosConfig Write Command Execution (CVE-2014-2850)

A command execution vulnerability has been reported in Sophos Web Appliance. The vulnerability is due to an error in the sanitization function. A remote authenticated attacker could exploit this vulnerability by placing specially crafted data in a request...

CVSS 8.5, AI score 6.4, EPSS 0.76549
Exploits: 2
Microsoft KB
added 2012/01/10 12:0 a.m., 31 views

MS12-007: Vulnerability in Anti-XSS Library could allow information disclosure: January 10, 2012

Resolves a vulnerability in the Microsoft Anti-Cross Site Scripting (Anti-XSS) Library that could allow information disclosure if an attacker passes a malicious script to a website that uses the sanitization function of the Anti-XSS Library. INTRODUCTION: Microsoft has released security bulletin...

CVSS 4.3, AI score 5.7, EPSS 0.59659
Exploits: 0
Cvelist
added 2007/07/11 11:0 p.m., 13 views

CVE-2007-3708

Cross-site scripting (XSS) vulnerability in CodeIgniter 1.5.3 before 20070626 allows remote attackers to inject arbitrary web script or HTML via (1) String.fromCharCode and (2) malformed nested tag manipulations in an unspecified component, related to insufficient sanitization by the xss_clean function...

AI score 5.8, EPSS 0.00507
Exploits: 0, References: 6