Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

Vulnrichment
Vulnrichmentadded 2026/06/09 12:0 a.m.8 views

CVE-2026-36803

Shenzhen Tenda Technology Co., Ltd Tenda PW201A v1.0.5 was discovered to contain a buffer overflow in the page parameter of the qossetting function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

5.9AI score0.00309EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2025-24632

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.05765EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.5 views

EUVD-2022-39734

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.01086EPSS
Exploits1References1
BDU FSTEC
BDU FSTECadded 2024/03/22 12:0 a.m.3 views

The vulnerability of the fromNatStaticSetting() function (/goform/NatStaticSetting) in the Tenda AC18 router software allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the fromNatStaticSetting function /goform/NatStaticSetting in the Tenda AC18 router’s microprogramming system is related to the operation that occurs outside the buffer in memory when processing the page parameter. Exploiting this vulnerability can allow an attacker to...

9CVSS5.7AI score0.00776EPSS
Exploits1References2Affected Software1
OSV
OSVadded 2023/11/15 6:15 a.m.5 views

CVE-2023-40923

MyPrestaModules ordersexport before v5.0 was discovered to contain multiple SQL injection vulnerabilities at send.php via the key and savesetting parameters...

8.8CVSS5.8AI score
Exploits0References1
Cvelist
Cvelistadded 2023/08/11 12:0 a.m.22 views

CVE-2020-36037

An issue was disocvered in wuzhicms version 4.1.0, allows remote attackers to execte arbitrary code via the setting parameter to the ueditor in index.php...

8.9AI score0.00781EPSS
Exploits1References1
OSV
OSVadded 2023/04/07 4:15 a.m.4 views

CVE-2023-26978

TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the pppoeAcName parameter at /setting/setWanIeCfg...

9.8CVSS7.3AI score0.0192EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2022/07/11 1:15 p.m.2 views

CVE-2022-2092

The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.16.0 doesn't escape a parameter on its setting page, making it possible for attackers to conduct reflected cross-site scripting attacks...

6.1CVSS5.8AI score0.0068EPSS
Exploits2References2
ATTACKERKB
ATTACKERKBadded 2022/05/17 4:15 p.m.3 views

CVE-2022-24108

The Skyoftech So Listing Tabs module 2.2.0 for OpenCart allows a remote attacker to inject a serialized PHP object via the setting parameter, potentially resulting in the ability to write to files on the server, cause DoS, and achieve remote code execution because of deserialization of untrusted...

9.8CVSS6.5AI score0.32961EPSS
Exploits3References5
Prion
Prionadded 2007/10/19 11:17 p.m.13 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in awzMB 4.2 beta 1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the SettingOPTincludepath parameter to 1 adminhelp.php; and 2 admin.incl.php, 3 reg.incl.php, 4 help.incl.php, 5 gbook.incl.php, and 6...

6.8CVSS8.1AI score0.28747EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder