10 matches found
CVE-2001-1535
Slashcode 2.0 creates new accounts with an 8-character random password, which could allow local users to obtain session ID's from cookies and gain unauthorized access via a brute force attack...
EUVD-2002-1662
Malware in sbrugna...
EUVD-2002-1628
Malware in sbrugna...
CVE-2002-1647
The quick login feature in Slash Slashcode does not redirect the user to an alternate URL when the wrong password is provided, which makes it easier for remote web sites to guess the proper passwords by reading the username and password from the Referrer URL...
CVE-2002-1681
Cross-site scripting (XSS) vulnerability in Slashcode CVS releases June 17 through July 1, 2002 allows remote attackers to execute arbitrary script as other users by injecting script into the paragraph tag...
XSS in Slashcode
There is a nasty Cross Site Scripting (XSS) vuln in Slashcode. This was used a day or so ago on slashdot.org and resulted in most of the site being taken down for an hour or so. The maintainers of slashcode have patched the problem in CVS but have not even mentioned it anywhere that I can find. This...
[SA-2002:00] Slashcode login vulnerability
SA-2002:00 Slashcode login vulnerability RISK FACTOR: HIGH SYNOPSIS Slash, the code that runs Slashdot and many other web sites, has a vulnerability in recent versions that allows any logged-in user to log in as any other user. This allows users to take nearly full control of a Slash system post...
Insecure handling of notes in Slashcode
Security Advisory - September 9, 2001 plastic.com's Slashcode Overview: The implementation of private notes on plastic.com's Slashcode-driven site is insecure. Any logged in user can view any message in the system. Description: After logging into the site as a user,...
CVE-2000-1015
The default configuration of Slashcode before version 2.0 Alpha has a default administrative password, which allows remote attackers to gain Slashcode privileges and possibly execute arbitrary commands...
CVE-2000-1015
The CVE-2000-1015 entry concerns Slashcode prior to version 2.0 Alpha, which ships with a default administrative password. The root cause is the presence of this default credential, enabling remote attackers to gain Slashcode privileges and potentially execute arbitrary commands. Documented impac...