Lucene search
+L

922 matches found

NVD
NVD
added 2025/08/15 5:15 p.m.10 views

CVE-2025-8675

Server-Side Request Forgery SSRF vulnerability in Drupal AI SEO Link Advisor allows Server Side Request Forgery.This issue affects AI SEO Link Advisor: from 0.0.0 before 1.0.6...

8.8CVSS0.00252EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2025/08/15 4:46 p.m.8 views

National Public Data returns after massive Social Security Number leak

Remember that data broker nobody had ever heard of, but managed to leak a database which contained the data of some 2.9 billion people? It's back, and this time with a search function. National Public Data suffered an alleged breach in 2024 against a data base that, it turned out, carried 272...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/08/05 4:26 p.m.10 views

ClickFix Malware Campaign Exploits CAPTCHAs to Spread Cross-Platform Infections

A combination of propagation methods, narrative sophistication, and evasion techniques enabled the social engineering tactic known as ClickFix to take off the way it did over the past year, according to new findings from Guardio Labs. "Like a real-world virus variant, this new 'ClickFix ' strain...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/08/01 3:30 p.m.8 views

OpenAI kills “short-lived experiment” where ChatGPT chats could be found on Google

A little-known ChatGPT "feature" is now gone. It could be a good thing. On X, OpenAI Chief Information Security Officer Dane Stuckey announced that OpenAI "removed a feature from ChatGPT that allowed users to make their conversations discoverable by search engines, such as Google." Stuckey called...

6.6AI score
Exploits0
OSV
OSV
added 2025/07/26 5:15 a.m.6 views

CVE-2025-8179

A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/changeimage.php. The manipulation of the argument editid leads to sql injection. The attack can be...

9.8CVSS5.8AI score0.00498EPSS
Exploits1References5
CNVD
CNVD
added 2025/07/23 12:0 a.m.6 views

WordPress Hestia Missing Authorization Vulnerability

WordPress Hestia is a free corporate theme for the WordPress platform, developed by ThemeIsle. The theme is known for its clean and generous design, responsive layout and rich functionality, supporting drag-and-drop page editing, SEO optimization and other features, which is suitable for quickly...

5.3CVSS6.8AI score0.00265EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/18 12:0 a.m.5 views

Perplexity AI Web Application 安全漏洞

Perplexity AI Web Application is a big data search engine application utilizing a big language model from Perplexity, Inc. in the United States. A security vulnerability exists in Perplexity AI Web Application GPT-4 version 2.51.0, which stems from mishandling of the token component and could lea...

7.5CVSS6.5AI score0.00419EPSS
Exploits0References2
Malwarebytes
Malwarebytes
added 2025/06/18 9:28 a.m.14 views

Scammers hijack websites of Bank of America, Netflix, Microsoft, and more to insert fake phone number

The examples in this post are actual fraud attempts found by Malwarebytes Senior Director of Research, Jérôme Segura. Cybercriminals frequently use fake search engine listings to take advantage of our trust in popular brands, and then scam us. It often starts, as with so many attacks, with a...

7.2AI score
Exploits0
CNNVD
CNNVD
added 2025/06/06 12:0 a.m.5 views

PHPGurukul Local Services Search Engine Management System 注入漏洞

PHPGurukul Local Services Search Engine Management System is a local services search engine management system from PHPGurukul, Inc. An injection vulnerability exists in version 2.1 of the PHPGurukul Local Services Search Engine Management System, which originates from a SQL injection due to...

9.8CVSS7.6AI score0.00421EPSS
Exploits1References5
OSV
OSV
added 2025/05/28 5:15 p.m.3 views

CVE-2025-5257

SummaryThis advisory addresses a security vulnerability in Mautic where unpublished page previews could be accessed by unauthenticated users and potentially indexed by search engines. This could lead to the unintended disclosure of draft content or sensitive information. Unauthorized Access to...

6.5CVSS5.8AI score0.00298EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/28 4:17 p.m.8 views

CVE-2025-5257 Predictable Page Indexing Might Lead to Sensitive Data Exposure

SummaryThis advisory addresses a security vulnerability in Mautic where unpublished page previews could be accessed by unauthenticated users and potentially indexed by search engines. This could lead to the unintended disclosure of draft content or sensitive information. Unauthorized Access to...

6.5CVSS6.5AI score0.00298EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/28 12:0 a.m.10 views

PT-2025-23102 · Mautic · Mautic

Name of the Vulnerable Software and Affected Versions: Mautic affected versions not specified Description: The issue concerns unauthorized access to unpublished page previews in Mautic, which could be accessed by unauthenticated users and potentially indexed by search engines. This could lead to...

6.5CVSS5.9AI score0.00298EPSS
Exploits0References8
Packet Storm News
Packet Storm News
added 2025/05/27 12:0 a.m.5 views

Uncovering Black-Hat SEO Based Fake E-Commerce Scam Groups from Their Redirectors and Websites

While law enforcements agencies and cybercrime researchers are working hard, fake E-commerce scam is still a big threat to Internet users. One of the major techniques to victimize users is luring them by black-hat search-engine-optimization SEO; making search engines display their lure pages as i...

6.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 5:53 a.m.6 views

CVE-2023-4579

Search queries in the default search engine could appear to have been the currently navigated URL if the search query itself was a well formed URL. This could have led to a site spoofing another if it had been maliciously set as the default search engine. This vulnerability affects Firefox 117...

3.1CVSS6.2AI score0.00382EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:11 a.m.13 views

CVE-2022-1165

The Blackhole for Bad Bots WordPress plugin before 3.3.2 uses headers such as CF-CONNECTING-IP, CLIENT-IP etc to determine the IP address of requests hitting the blackhole URL, which allows them to be spoofed. This could result in blocking arbitrary IP addresses, such as legitimate/good search...

9.1CVSS7AI score0.01645EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:33 p.m.10 views

CVE-2022-20072

In search engine service, there is a possible way to change the default search engine due to an incorrect comparison. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06219118; Issue ID:...

6.7CVSS7.1AI score0.00334EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:43 p.m.4 views

CVE-2021-39413

Multiple Cross Site Scripting XSS vulnerabilities exits in SEO Panel v4.8.0 via the 1 totime parameter in a backlinks.php, b analytics.php, c log.php, d overview.php, e pagespeed.php, f rank.php, g review.php, h saturationchecker.php, i socialmedia.php, and j reports.php; the 2 fromtime parameter...

6.1CVSS6.4AI score0.0081EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:46 p.m.9 views

CVE-2021-3278

Local Service Search Engine Management System 1.0 has a vulnerability through authentication bypass using SQL injection . Using this vulnerability, an attacker can bypass the login page...

9.8CVSS8.2AI score0.25273EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:33 p.m.10 views

CVE-2021-28000

A persistent cross-site scripting vulnerability was discovered in Local Services Search Engine Management System Project 1.0 which allows remote attackers to execute arbitrary code via crafted payloads entered into the Name and Address fields...

4.8CVSS7.2AI score0.00932EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:37 p.m.11 views

CVE-2021-32787

Sourcegraph is a code search and navigation engine. Sourcegraph before version 3.30.0 has two potential information leaks. The site-admin area can be accessed by regular users and all information and features are properly protected except for daily usage statistics and code intelligence uploads a...

4.3CVSS6.8AI score0.00649EPSS
Exploits0References1
Rows per page
Query Builder