Lucene search

7 matches found

RedhatCVE
added 2024/11/11 12:30 p.m. | 9 views

CVE-2024-11079

A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within...

CVSS 5.5 | AI score 8.1 | EPSS 0.00024
Exploits: 0 | References: 3
NVD
added 2023/01/17 9:15 p.m. | 7 views

CVE-2023-22727

CakePHP is a development framework for PHP web apps. In affected versions the Cake\Database\Query::limit and Cake\Database\Query::offset methods are vulnerable to SQL injection if passed un-sanitized user request data. This issue has been fixed in 4.2.12, 4.3.11, 4.4.10. Users are advised to...

CVSS 9.8 | AI score 9.9 | EPSS 0.0093
Exploits: 0 | References: 3
Vulnrichment
added 2023/01/17 8:41 p.m. | 8 views

CVE-2023-22727 Database Query::offset() and limit() vulnerable to SQL injection in cakephp

CakePHP is a development framework for PHP web apps. In affected versions the Cake\Database\Query::limit and Cake\Database\Query::offset methods are vulnerable to SQL injection if passed un-sanitized user request data. This issue has been fixed in 4.2.12, 4.3.11, 4.4.10. Users are advised to...

CVSS 9.8 | AI score 10 | EPSS 0.0093
Exploits: 0 | References: 3
CISA KEV Catalog
added 2022/03/25 12:00 a.m. | 22 views

Drupal Core Remote Code Execution Vulnerability

In Drupal Core, some field types do not properly sanitize data from non-form sources. This can lead to arbitrary PHP code execution in some cases...

CVSS 8.1 | AI score 3.5 | EPSS 0.9441
In wild | Exploits: 22
seebug.org
added 2014/07/01 12:00 a.m. | 17 views

WebWasher Classic 2.2/3.3 Error Message Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9039/info It has been reported that a cross-site scripting vulnerability may exist in WebWasher Classic that may allow remote attackers to execute HTML or script code in a user's browser. The issue is reported to occur du...

AI score 7.1
Exploits: 0
seebug.org
added 2014/07/01 12:00 a.m. | 12 views

Easy Banner Pro 2.8 info.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21967/info Easy Banner Pro is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the...

AI score 7.1
Exploits: 0
Exploit DB
added 2012/07/04 12:00 a.m. | 23 views

WordPress Plugin MoodThingy Widget 0.8.7 - Blind SQL Injection

Exploit Title: WordPress MoodThingy Mood Rating Widget v0.8.7 Blind SQL Injection Date: 7/2/12 Exploit Author: Chris Kellum Vendor Homepage: http://www.moodthingy.com/ Software Link: http://downloads.wordpress.org/plugin/moodthingy-mood-rating-widget.0.8.7.zip Version: 0.8.7 =====================...

AI score 7
Exploits: 0