
8 matches found

Cvelist
added 2026/05/05 8:58 p.m. | 25 views

CVE-2026-39852 Quarkus authorization bypass via semicolon path normalization inconsistency

Quarkus is a Java framework for building cloud-native applications. In versions prior to 3.20.6.1, 3.27.3.1, 3.33.1.1, 3.35.1.1, 3.34.7, and 3.35.2, a path normalization inconsistency between the security layer and the routing layer allows unauthenticated or lower-privileged users to bypass HTTP...

CVSS 8.8 | EPSS 0.00016 | Exploits 0 | References 1

Snyk
added 2026/05/04 5:20 p.m. | 7 views

Incorrect Authorization

Overview: Affected versions of this package are vulnerable to Incorrect Authorization when handling HTTP request paths that have had normalizedPath applied. An attacker can gain unauthorized access to protected resources by appending a semicolon and arbitrary text to the request URL, exploiting...

CVSS 8.8 | AI score 6 | EPSS 0.00016 | Exploits 0 | References 3

VulnCheck KEV
added 2025/07/17 12:0 a.m. | 4 views

VulnCheck KEV: CVE-2024-50334

Scoold is a Q&A and a knowledge sharing platform for teams. A semicolon path injection vulnerability was found on the /api;/config endpoint. By appending a semicolon in the URL, attackers can bypass authentication and gain unauthorised access to sensitive configuration data. Furthermore, PUT...

CVSS 8.7 | AI score 5.7 | EPSS 0.10106 | In wild | Exploits 0 | References 58

OSV
added 2024/10/29 2:36 p.m. | 9 views

CVE-2024-50334 Semicolon Path Injection on API /api;/config

Scoold is a Q&A and a knowledge sharing platform for teams. A semicolon path injection vulnerability was found on the /api;/config endpoint. By appending a semicolon in the URL, attackers can bypass authentication and gain unauthorised access to sensitive configuration data. Furthermore, PUT...

CVSS 8.7 | AI score 7.2 | EPSS 0.10106 | Exploits 0 | References 3

Vulnrichment
added 2024/10/29 2:36 p.m. | 14 views

CVE-2024-50334 Semicolon Path Injection on API /api;/config

Scoold is a Q&A and a knowledge sharing platform for teams. A semicolon path injection vulnerability was found on the /api;/config endpoint. By appending a semicolon in the URL, attackers can bypass authentication and gain unauthorised access to sensitive configuration data. Furthermore, PUT...

CVSS 8.7 | AI score 7.6 | EPSS 0.10106 | Exploits 0 | References 1

CVE
added 2024/10/29 2:36 p.m. | 100 views

CVE-2024-50334

Scoold

CVSS 8.7 | AI score 5.6 | EPSS 0.10106 | In wild | Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2024/10/29 2:36 p.m. | 17 views

CVE-2024-50334 Semicolon Path Injection on API /api;/config

Scoold is a Q&A and a knowledge sharing platform for teams. A semicolon path injection vulnerability was found on the /api;/config endpoint. By appending a semicolon in the URL, attackers can bypass authentication and gain unauthorised access to sensitive configuration data. Furthermore, PUT...

CVSS 8.7 | EPSS 0.10106 | Exploits 0 | References 1

CNNVD
added 2024/10/29 12:0 a.m. | 1 views

Scoold security vulnerability

Scoold is an open source team quiz and knowledge sharing platform by Erudika. Scoold suffers from a security vulnerability that stems from a semicolon path injection vulnerability found in the /api;/config endpoint, where by appending a semicolon to a URL, an attacker can bypass authentication an...

CVSS 8.7 | AI score 7.1 | EPSS 0.10106 | Exploits 0 | References 1