Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

55 matches found

Nuclei
Nucleiadded yesterday9 views

LyLme spage v1.9.5 - Server-Side Request Forgery

LyLme spage v1.9.5 is vulnerable to server-side request forgery SSRF via the url parameter in apply/index.php. An attacker can force the server to make arbitrary requests, potentially accessing internal resources. id: CVE-2024-36675 info: name: LyLme spage v1.9.5 - Server-Side Request Forgery...

9.1CVSS5.6AI score0.44282EPSS
Exploits1References2
Nuclei
Nucleiadded yesterday53 views

LyLme-Spage - Arbitary File Upload

An arbitrary file upload vulnerability in the component /include/file.php of lylmespage v1.9.5 allows attackers to execute arbitrary code via uploading a crafted file. id: CVE-2024-34982 info: name: LyLme-Spage - Arbitary File Upload author: DhiyaneshDk severity: high description: | An arbitrary...

9.8CVSS5.9AI score0.80398EPSS
Exploits1References3
RedhatCVE
RedhatCVEadded 2026/01/09 9:35 a.m.5 views

CVE-2024-34982

An arbitrary file upload vulnerability in the component /include/file.php of lylmespage v1.9.5 allows attackers to execute arbitrary code via uploading a crafted file...

9.8CVSS7.7AI score0.80398EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-14256

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00141EPSS
Exploits1References5
VulnCheck KEV
VulnCheck KEVadded 2025/08/01 12:0 a.m.2 views

VulnCheck KEV: CVE-2024-36675

LyLmespage v1.9.5 is vulnerable to Server-Side Request Forgery SSRF via the gethead function...

9.1CVSS5.8AI score0.44282EPSS
In wildExploits1References2
RedhatCVE
RedhatCVEadded 2025/05/23 10:42 a.m.4 views

CVE-2024-9789

A vulnerability was found in LyLmespage 1.9.5 and classified as critical. This issue affects some unknown processing of the file /admin/apply.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may...

7.2CVSS7.2AI score0.00172EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 7:30 a.m.10 views

CVE-2024-48356

LyLme Spage =1.6.0 is vulnerable to SQL Injection via /admin/group.php...

9.8CVSS9.8AI score0.00291EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 6:22 a.m.5 views

CVE-2024-48176

Lylme Spage v1.9.5 is vulnerable to Incorrect Access Control. There is no limit on the number of login attempts, and the verification code will not be refreshed after a failed login, which allows attackers to blast the username and password and log into the system backend...

9.8CVSS7.2AI score0.00363EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 6:17 a.m.2 views

CVE-2024-48357

LyLme Spage 1.2.0 through 1.6.0 is vulnerable to SQL Injection via /admin/apply.php...

9.8CVSS6AI score0.00122EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 3:47 a.m.6 views

CVE-2023-45952

An arbitrary file upload vulnerability in the component ajaxlink.php of lylmespage v1.7.0 allows attackers to execute arbitrary code via uploading a crafted file...

9.8CVSS7.8AI score0.00107EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/13 10:11 p.m.25 views

CVE-2025-4543

A vulnerability, which was classified as critical, was found in LyLme Spage 2.1. This affects an unknown part of the file lylmespage/blob/master/admin/ajaxlink.php. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

7.5CVSS7.7AI score0.00141EPSS
Exploits1
OSV
OSVadded 2025/05/11 6:15 p.m.2 views

CVE-2025-4543

A vulnerability, which was classified as critical, was found in LyLme Spage 2.1. This affects an unknown part of the file lylmespage/blob/master/admin/ajaxlink.php. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.9CVSS7.6AI score
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/05/11 6:0 p.m.6 views

CVE-2025-4543 LyLme Spage ajax_link.php sql injection

A vulnerability, which was classified as critical, was found in LyLme Spage 2.1. This affects an unknown part of the file lylmespage/blob/master/admin/ajaxlink.php. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

7.5CVSS7.5AI score0.00141EPSS
Exploits1References4
Cvelist
Cvelistadded 2025/05/11 6:0 p.m.28 views

CVE-2025-4543 LyLme Spage ajax_link.php sql injection

A vulnerability, which was classified as critical, was found in LyLme Spage 2.1. This affects an unknown part of the file lylmespage/blob/master/admin/ajaxlink.php. The manipulation of the argument sort leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

7.5CVSS0.00141EPSS
Exploits1References4
CVE
CVEadded 2025/05/11 6:0 p.m.62 views

CVE-2025-4543

CVE-2025-4543 concerns LyLme Spage v2.1. The vulnerability is an SQL injection in the admin/ajax_link.php endpoint, caused by improper handling of the sort argument. The issue is exploitable remotely and the exploit has been publicly disclosed. Affected component: lylme_spage/blob/master/admin/aj...

7.5CVSS7.5AI score0.00141EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologiesadded 2025/05/11 12:0 a.m.3 views

PT-2025-20665 · Unknown · Lylme Spage

Name of the Vulnerable Software and Affected Versions: LyLme Spage version 2.1 Description: A critical issue was found in LyLme Spage, affecting an unknown part of the file lylme spage/blob/master/admin/ajax link.php. The manipulation of the sort argument leads to SQL injection. It is possible to...

7.5CVSS7.5AI score0.00141EPSS
Exploits1References14
CNNVD
CNNVDadded 2025/05/11 12:0 a.m.4 views

LyLme Spage 注入漏洞

LyLme Spage Six Zero navigation page is China Six Zero LyLme open source a navigation page . Dedicated to simple and efficient advertising-free Internet navigation and search portal , support for background links , custom search engine , precipitation of the most valuable links , no commercial...

7.5CVSS7.8AI score0.00141EPSS
Exploits1References5
OSV
OSVadded 2024/11/05 11:15 p.m.4 views

CVE-2024-48176

Lylme Spage v1.9.5 is vulnerable to Incorrect Access Control. There is no limit on the number of login attempts, and the verification code will not be refreshed after a failed login, which allows attackers to blast the username and password and log into the system backend...

9.8CVSS7.1AI score
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/11/05 12:0 a.m.9 views

CVE-2024-48176

Lylme Spage v1.9.5 is vulnerable to Incorrect Access Control. There is no limit on the number of login attempts, and the verification code will not be refreshed after a failed login, which allows attackers to blast the username and password and log into the system backend...

7.2AI score0.00363EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/11/05 12:0 a.m.13 views

CVE-2024-48176

Lylme Spage v1.9.5 is vulnerable to Incorrect Access Control. There is no limit on the number of login attempts, and the verification code will not be refreshed after a failed login, which allows attackers to blast the username and password and log into the system backend...

0.00363EPSS
Exploits0References1
Rows per page
Query Builder