Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

106801 matches found

NVD
NVDadded 2026/03/04 6:16 p.m.8 views

CVE-2026-20079

A vulnerability in the web interface of Cisco Secure Firewall Management Center FMC Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an affected device to obtain root access to the underlying operating system. This vulnerability is due ...

10CVSS0.11141EPSS
Exploits2References1
OSV
OSVadded 2026/03/04 6:16 p.m.1 views

CVE-2019-25498

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the landinglocation parameter. Attackers can send POST requests to the searched endpoint with malicious SQL payloads to bypass authenticatio...

8.2CVSS5.9AI score0.00263EPSS
Exploits1References2
OSV
OSVadded 2026/03/04 6:16 p.m.2 views

CVE-2019-25501

Simple Job Script contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the appid parameter. Attackers can send POST requests to deleteapplicationajax.php with crafted payloads to extract sensitive data, bypass...

8.2CVSS5.9AI score
Exploits0References2
NVD
NVDadded 2026/03/04 6:16 p.m.3 views

CVE-2019-25498

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the landinglocation parameter. Attackers can send POST requests to the searched endpoint with malicious SQL payloads to bypass authenticatio...

8.8CVSS0.00263EPSS
Exploits1References2
NVD
NVDadded 2026/03/04 6:16 p.m.5 views

CVE-2019-25499

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jobid parameter. Attackers can send POST requests to getjobapplicationsajax.php with malicious jobid values to bypass authentication,...

9.8CVSS0.00342EPSS
Exploits1References2
OSV
OSVadded 2026/03/04 6:16 p.m.2 views

CVE-2019-25499

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jobid parameter. Attackers can send POST requests to getjobapplicationsajax.php with malicious jobid values to bypass authentication,...

9.8CVSS5.9AI score
Exploits0References2
NVD
NVDadded 2026/03/04 6:16 p.m.4 views

CVE-2019-25501

Simple Job Script contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the appid parameter. Attackers can send POST requests to deleteapplicationajax.php with crafted payloads to extract sensitive data, bypass...

8.8CVSS0.00115EPSS
Exploits1References2
OSV
OSVadded 2026/03/04 6:16 p.m.0 views

CVE-2019-25502

Simple Job Script contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the jobtypevalue parameter in the jobs endpoint. Attackers can craft requests with SVG payload injection to execute arbitrary JavaScript in victim...

6.1CVSS5.9AI score
Exploits0References2
NVD
NVDadded 2026/03/04 6:16 p.m.6 views

CVE-2019-25502

Simple Job Script contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the jobtypevalue parameter in the jobs endpoint. Attackers can craft requests with SVG payload injection to execute arbitrary JavaScript in victim...

6.1CVSS0.00087EPSS
Exploits1References2
OSV
OSVadded 2026/03/04 5:59 p.m.5 views

DRUPAL-CONTRIB-2026-024

The Google Analytics GA4 module enables users to add custom attributes to the script tag used to load the Google Analytics library. The module does not sufficiently sanitize these attributes. This vulnerability is mitigated by the fact that an attacker must have a role with the "ga4 configure" or...

6.1CVSS6AI score0.00013EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/03/04 5:17 p.m.22 views

CVE-2026-20079

A vulnerability in the web interface of Cisco Secure Firewall Management Center FMC Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an affected device to obtain root access to the underlying operating system. This vulnerability is due ...

10CVSS0.11141EPSS
Exploits2References1
NVD
NVDadded 2026/03/04 5:16 p.m.6 views

CVE-2026-28697

Craft is a content management system CMS. Prior to 4.17.0-beta.1 and 5.9.0-beta.1, an authenticated administrator can achieve Remote Code Execution RCE by injecting a Server-Side Template Injection SSTI payload into Twig template fields e.g., Email Templates. By calling the craft.app.fs.write...

9.4CVSS0.00208EPSS
Exploits1References4
Cvelist
Cvelistadded 2026/03/04 5:15 p.m.27 views

CVE-2019-25502 Simple Job Script Cross-Site Scripting via job_type_value Parameter

Simple Job Script contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the jobtypevalue parameter in the jobs endpoint. Attackers can craft requests with SVG payload injection to execute arbitrary JavaScript in victim...

6.1CVSS0.00087EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2026/03/04 5:15 p.m.3 views

CVE-2019-25502

Simple Job Script contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the jobtypevalue parameter in the jobs endpoint. Attackers can craft requests with SVG payload injection to execute arbitrary JavaScript in victim...

6.1CVSS6AI score0.00087EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2026/03/04 5:15 p.m.25 views

CVE-2019-25501 Simple Job Script SQL Injection via delete_application_ajax.php

Simple Job Script contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the appid parameter. Attackers can send POST requests to deleteapplicationajax.php with crafted payloads to extract sensitive data, bypass...

8.8CVSS0.00115EPSS
Exploits1References2
CVE
CVEadded 2026/03/04 5:15 p.m.5 views

CVE-2019-25501

Summary: CVE-2019-25501 affects the Simple Job Script web application. The vulnerability resides in the server-side code handling the app_id parameter in the delete_application_ajax.php endpoint, enabling SQL injection to manipulate database queries. Public references indicate attackers can craft...

8.8CVSS6.1AI score0.00115EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/03/04 5:15 p.m.2 views

CVE-2019-25501 Simple Job Script SQL Injection via delete_application_ajax.php

Simple Job Script contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the appid parameter. Attackers can send POST requests to deleteapplicationajax.php with crafted payloads to extract sensitive data, bypass...

8.8CVSS6.1AI score0.00115EPSS
Exploits1References2
Cvelist
Cvelistadded 2026/03/04 5:15 p.m.26 views

CVE-2019-25499 Simple Job Script SQL Injection via get_job_applications_ajax.php

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jobid parameter. Attackers can send POST requests to getjobapplicationsajax.php with malicious jobid values to bypass authentication,...

8.8CVSS0.00342EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2026/03/04 5:15 p.m.2 views

CVE-2019-25499

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jobid parameter. Attackers can send POST requests to getjobapplicationsajax.php with malicious jobid values to bypass authentication,...

8.8CVSS6.1AI score0.00342EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/03/04 5:15 p.m.2 views

CVE-2019-25499 Simple Job Script SQL Injection via get_job_applications_ajax.php

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the jobid parameter. Attackers can send POST requests to getjobapplicationsajax.php with malicious jobid values to bypass authentication,...

8.8CVSS6.1AI score0.00342EPSS
Exploits1References2
Rows per page
Query Builder