Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Nuclei
Nucleiadded 2 days ago20 views

Graphite <=1.1.5 - Server-Side Request Forgery

Graphite's sendemail in graphite-web/webapp/graphite/composer/views.py in versions up to 1.1.5 is vulnerable to server-side request forgery SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is...

7.5CVSS6.8AI score0.91616EPSS
Exploits1References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-27665

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.00208EPSS
Exploits1References3
CVE
CVEadded 2025/09/11 7:24 a.m.13 views

CVE-2025-8422

The CVE-2025-8422 affects the Propovoice: All-in-One Client Management System WordPress plugin, vulnerable in all versions up to 1.7.6.7 via the send_email() function to perform an unauthenticated Arbitrary File Read. Impact is reading server files containing sensitive information. Remediation in...

7.5CVSS5.7AI score0.00208EPSS
Exploits1References3
OSV
OSVadded 2019/10/25 1:55 p.m.21 views

GHSA-VFJ6-275Q-4PVM graphite.composer.views.send_email vulnerable to SSRF

Impact sendemail in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and the...

8.7CVSS7.2AI score0.91616EPSS
Exploits1References10
Veracode
Veracodeadded 2019/10/18 2:46 a.m.26 views

Server-Side Request Forgery (SSRF)

graphite-web is vulnerable to server-side request forgery SSRF. The sendemail function in graphite-web/webapp/graphite/composer/views.py can be used by an attacker to send a request on behalf of the Graphite web server. The corresponding response from the SSRF request is encoded into an image fil...

7.5CVSS3.1AI score0.91616EPSS
Exploits1References7Affected Software1
Cvelist
Cvelistadded 2019/10/11 10:1 p.m.17 views

CVE-2017-18638

sendemail in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent ...

7.3AI score0.91616EPSS
Exploits1References6
Openbugbounty
Openbugbountyadded 2015/12/02 7:45 p.m.10 views

educationdirectory.ca XSS vulnerability

Vulnerable URL: http://www.educationdirectory.ca/sendemail.asp?comp=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 21.01.2016 Latest check for patch:| 21.01.2016 07:31 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...

6.3AI score
Exploits0
Rows per page
Query Builder