
10 matches found

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2022-15725

Malicious code in bioql PyPI...

6.1 CVSS | 6.4 AI score | 0.00853 EPSS
Exploits 2 | References 2
NVD
added 2023/06/08 9:15 p.m. | 28 views

CVE-2023-29401

The filename parameter of the Context.FileAttachment function is not properly sanitized. A maliciously crafted filename can cause the Content-Disposition header to be sent with an unexpected filename value or otherwise modify the Content-Disposition header. For example, a filename of...

4.3 CVSS | 5.7 AI score | 0.00482 EPSS
Exploits 2 | References 4
OSV
added 2023/01/16 4:15 p.m. | 3 views

CVE-2022-4447

The Fontsy WordPress plugin through 1.8.6 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

9.8 CVSS | 5.9 AI score
Exploits 0 | References 1
NVD
added 2022/10/31 4:15 p.m. | 39 views

CVE-2022-2627

The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting...

6.1 CVSS | 0.00969 EPSS
Exploits 2 | References 1
NVD
added 2021/06/29 4:15 p.m. | 8 views

CVE-2021-20105

Machform prior to version 16 is vulnerable to an open redirect in Safariinit.php due to an improperly sanitized 'ref' parameter...

6.1 CVSS | 0.00744 EPSS
Exploits 0 | References 1
Prion
added 2021/06/29 4:15 p.m. | 9 views

Open redirect

Machform prior to version 16 is vulnerable to an open redirect in Safariinit.php due to an improperly sanitized 'ref' parameter...

5.8 CVSS | 6.2 AI score | 0.00744 EPSS
Exploits 0 | References 1 | Affected Software 1
Prion
added 2021/02/02 11:15 a.m. | 11 views

Design/Logic Flaw

This affects the package total.js before 3.4.7. The issue occurs in the image.pipe and image.stream functions. The type parameter is used to build the command that is then executed using child_process.spawn. The issue occurs because child_process.spawn is called with the option shell set to true an...

7.5 CVSS | 8.6 AI score | 0.01702 EPSS
Exploits 1 | References 2 | Affected Software 1
OpenVAS
added 2017/08/01 12:0 a.m. | 20 views

Fortinet FortiWeb XSS Vulnerability (FG-IR-17-076)

Fortinet FortiWeb is prone to a cross-site scripting (XSS) vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...

6.1 CVSS | 5.7 AI score | 0.00713 EPSS
Exploits 0 | References 2
seebug.org
added 2014/07/01 12:0 a.m. | 17 views

Uebimiau Webmail 3.2.0-2.0 - Local File Inclusion Vulnerability

No description provided by source. Exploit Title: Uebimiau Webmail Local File Inclusion Date: 10-04-10 Author: Blake Software Link: http://sourceforge.net/projects/t-dahmail/files/latest/Uebimiau3.2.02.0Alpha.zip/download Version: 3.2.0-2.0 Tested on: Windows XP SP3 running xampp lite The stage...

7.1 AI score
Exploits 0
Packet Storm
added 2006/10/27 12:0 a.m. | 20 views

WikiNi-xss.txt

Hi, I've found 2 XSS vulns in WikiNi. The programmers have been contacted and the vulns addressed in version 0.4.4. The name parameter of page wakka.php is not properly sanitized: "alert'XSS Vulnerable';" The email parameter of page wakka.php is not properly sanitized: "alert'XSS Vulnerable';"...

7.4 AI score
Exploits 0