Lucene search

9 matches found

ATTACKERKB
added 2026/06/01 12:15 a.m., 7 views

CVE-2026-10206

A vulnerability was detected in D-Link DI-8400 up to 16.07.26A1. This affects an unknown function of the file /dbsrv.asp. Performing a manipulation of the argument str results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used...

9 CVSS, 7.7 AI score, 0.00094 EPSS
Exploits 0, References 6, Affected Software 1
Vulnrichment
added 2026/05/21 5:9 p.m., 6 views

CVE-2026-48222 Open ISES Tickets < 3.44.2 Reflected XSS via ics213.php frm_add_str Parameter

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics213.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frmaddstr POST parameter directly into an HTML form hidden input value attribute...

5.4 CVSS, 5.8 AI score, 0.00029 EPSS
Exploits 0, References 3
CNNVD
added 2026/05/21 12:0 a.m., 4 views

tickets cross-site scripting vulnerability

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from the fact that the frmaddstr POST parameter was not cleared in ics205.php, allowin...

5.4 CVSS, 5.8 AI score, 0.00029 EPSS
Exploits 0, References 1
OSV
added 2025/10/07 9:15 p.m., 3 views

CVE-2025-11408

A security vulnerability has been detected in D-Link DI-7001 MINI 24.04.18B1. The affected element is an unknown function of the file /dbsrv.asp. Such manipulation of the argument str leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be...

9.8 CVSS, 6.2 AI score, 0.00161 EPSS
Exploits 1, References 5
CNNVD
added 2024/11/10 12:0 a.m., 1 views

D-Link DI-8003 security vulnerability

The D-Link DI-8003 is a wireless router from China-based AUO D-Link. A buffer overflow vulnerability exists in the D-Link DI-8003 version 16.07.16A1, which stems from the parameter str in the file /dbsrv.asp failing to correctly validate the length and size of the input data, which can be exploit...

9.8 CVSS, 8.1 AI score, 0.0015 EPSS
Exploits 1, References 5
CNNVD
added 2024/02/06 12:0 a.m., 1 views

TONGDA Office Anywhere SQL Injection Vulnerability

TONGDA Office Anywhere is a collaborative office OA system. A SQL injection vulnerability exists in TONGDA Office Anywhere 2017 version 11.10 and earlier versions, which stems from an incorrect operation of the parameter DELETESTR that can lead to SQL injection...

9.8 CVSS, 8.4 AI score, 0.00052 EPSS
Exploits 1, References 4
ATTACKERKB
added 2022/02/24 3:15 p.m., 4 views

CVE-2022-25406

Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in deletequery.php via the DELETESTR parameter...

9.8 CVSS, 7.3 AI score, 0.00264 EPSS
Exploits 0, References 2
NVD
added 2011/12/14 12:55 a.m., 12 views

CVE-2011-4812

Cross-site scripting (XSS) vulnerability in nowosci.php in BestShopPro allows remote attackers to inject arbitrary web script or HTML via the str parameter...

4.3 CVSS, 5.7 AI score, 0.00424 EPSS
Exploits 1, References 3
Cvelist
added 2011/12/14 12:0 a.m., 13 views

CVE-2011-4812

Cross-site scripting (XSS) vulnerability in nowosci.php in BestShopPro allows remote attackers to inject arbitrary web script or HTML via the str parameter...

5.7 AI score, 0.00424 EPSS
Exploits 1, References 3