
7 matches found

RedhatCVE
added 2025/05/22 3:46 p.m. | 5 views

CVE-2020-21236

A vulnerability in /damicms-master/admin.php?s=/Article/doedit of DamiCMS v6.0 allows attackers to compromise and impersonate user accounts via obtaining a user's session cookie...

8.8 CVSS | 6.8 AI score | 0.00141 EPSS
Exploits: 1
RedhatCVE
added 2025/05/22 3:22 a.m. | 5 views

CVE-2018-17213

An issue was discovered in PrinterOn Central Print Services CPS through 4.1.4. A user without valid credentials can bypass the authentication process, obtaining a valid session cookie with guest/pseudo-guest level privileges. This cookie can then be further used to perform other attacks...

8.8 CVSS | 7.2 AI score | 0.0064 EPSS
Exploits: 1 | References: 1
IBM Security Bulletins
added 2025/04/25 2:14 p.m. | 11 views

Security Bulletin: Vulnerability in Flask affects IBM Cloud Pak for Data System 1.0 (CPDS 1.0) [CVE-2023-30861]

Summary: The Flask package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2023-30861. Vulnerability Details: CVEID: CVE-2023-30861 DESCRIPTION: Pallets Flask could allow a remote attacker to obtain sensitive information, caused by...

7.5 CVSS | 6.1 AI score | 0.00221 EPSS
Exploits: 1 | Affected Software: 1
CNVD
added 2024/06/12 12:0 a.m. | 6 views

Siemens SINEC Traffic Analyzer Logic Flaw Vulnerability

SINEC Traffic Analyzer is an on-premise application that monitors PNIO PROFINET IO communication between controllers and IO devices. The software detects PROFINET communication problems and reports them to the user via Web-UI. A logic flaw vulnerability exists in Siemens SINEC Traffic Analyzer,...

6.8 CVSS | 6.6 AI score | 0.00198 EPSS
Exploits: 0 | References: 1
Ivanti
added 2023/02/14 7:22 a.m. | 6 views

SA45653 - Cross-site Request Forgery in Login Form

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. In a login CSRF attack, the attacker forges a login request to an honest site using the attacker’s username and password at that site. If the forgery succeeds, the honest server...

7.2 AI score
Exploits: 0
CNVD
added 2021/06/24 12:0 a.m. | 4 views

Ice Hrm Session Fixation Vulnerability

Ice Hrm is a human resource management system. Ice Hrm suffers from a session fixation vulnerability. An attacker can exploit the vulnerability to hijack a valid user session via a specially crafted session cookie...

6.1 CVSS | 6.6 AI score | 0.002 EPSS
Exploits: 0 | References: 1
Packet Storm
added 2004/05/03 12:0 a.m. | 23 views

squirrel142.txt

SquirrelMail latest version, although it is tested on version 1.4.2, is prone to many cross scripting attacks that can be used to steal user cookies. The exploit lies in the way SquirrelMail represents the folder names and shows them. To make matters worse, no extra unique variable added to the url...

7.4 AI score
Exploits: 0