
9 matches found

Vulnrichment
added 2025/03/20 10:10 a.m. | 3 views

CVE-2024-8551 Path Traversal in modelscope/agentscope

A path traversal vulnerability exists in the save-workflow and load-workflow functionality of modelscope/agentscope versions prior to the fix. This vulnerability allows an attacker to read and write arbitrary JSON files on the filesystem, potentially leading to the exposure or modification of...

CVSS 9.1 | AI score 9 | EPSS 0.00297
Exploits 1 | References 1

Prion
added 2022/12/13 3:15 a.m. | 17 views

SQL injection

An unauthenticated user can attach to an open interface exposed through JNDI by the Messaging System of SAP NetWeaver Process Integration PI - version 7.50. This user can make use of an open naming and directory API to access services that could perform unauthorized operations. The vulnerability...

CVSS 7.5 | AI score 8.8 | EPSS 0.00844
Exploits 0 | References 2 | Affected Software 1

Tenable Nessus
added 2022/02/07 12:0 a.m. | 22 views

Rockwell Automation Micrologix Improper Access Control (CVE-2017-14471)

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...

CVSS 10 | AI score 7.3 | EPSS 0.42565
Exploits 1 | References 3

Cvelist
added 2012/10/22 11:0 p.m. | 16 views

CVE-2012-4773

Multiple cross-site request forgery (CSRF) vulnerabilities in Subrion CMS before 2.2.3 allow remote attackers to hijack the authentication of administrators for requests that add, delete, or modify sensitive information, as demonstrated by adding an administrator account via an add action to...

AI score 7.1 | EPSS 0.04447
Exploits 6 | References 10

Prion
added 2012/09/15 5:55 p.m. | 15 views

Cross-site request forgery (CSRF)

Multiple cross-site request forgery (CSRF) vulnerabilities in TestLink 1.9.3 and earlier allow remote attackers to hijack the authentication of users for requests that add, delete, or modify sensitive information, as demonstrated by changing the administrator's email via an editUser action to...

CVSS 6.8 | AI score 7.6 | EPSS 0.00487
Exploits 5 | References 8 | Affected Software 1

OSV
added 2007/11/13 10:46 p.m. | 3 views

CVE-2007-5936

dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place...

AI score 5.8
Exploits 0 | References 26

Exploit DB
added 2003/10/20 12:0 a.m. | 21 views

DeskPro 1.1 - Multiple SQL Injections

source: https://www.securityfocus.com/bid/8856/info
It has been reported that DeskPro is prone to multiple SQL injection vulnerabilities due to insufficient sanitization of user-supplied input. The problem is reported to be present in various parameters such as cat, article, and ticketid of the...

AI score 7
Exploits 0

NVD
added 2000/02/01 5:0 a.m. | 7 views

CVE-2000-0106

The EasyCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields...

CVSS 7.5 | AI score 6.3 | EPSS 0.00636
Exploits 0 | References 1

NVD
added 2000/02/01 5:0 a.m. | 9 views

CVE-2000-0103

The SmartCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields...

CVSS 7.5 | AI score 6.3 | EPSS 0.00636
Exploits 0 | References 1