9 matches found

Positive Technologies
added yesterday · 6 views

PT-2026-48473

Vulnerability: CWE-798 — Hardcoded JWT Secret + Broken Mitigation Affected Component - github.com/dhax/go-base — Go REST API boilerplate go-chi/jwtauth/v5, Viper, PostgreSQL/Bun - 1,685 stars on GitHub Vulnerability Locations | File | Line | Role | |------|------|------| | dev.env | 10 | AUTH JWT...

9.1 CVSS · 5.7 AI score
Exploits: 0 · References: 4

NVD
added 2026/05/27 5:16 p.m. · 12 views

CVE-2026-38930

OpenRapid RapidCMS v1.3.1 was discovered to contain an authentication bypass in the /template/default/menu.php component. This vulnerability is exploited via injecting a crafted SQL payload into the name cookie parameter...

6.5 CVSS · 0.00058 EPSS
Exploits: 0 · References: 3

CNNVD
added 2026/05/27 12:00 a.m. · 6 views

OpenRapid RapidCMS security vulnerability

OpenRapid RapidCMS is a fast, simple, and useful CMS system developed under the OpenRapid open-source framework. Version 1.3.1 of OpenRapid RapidCMS contains a security vulnerability. This vulnerability stems from a flaw in the /template/default/menu.php component, where authentication bypasses a...

6.5 CVSS · 5.8 AI score · 0.00058 EPSS
Exploits: 0 · References: 4

CVE
added 2026/05/27 12:00 a.m. · 10 views

CVE-2026-38930

OpenRapid RapidCMS v1.3.1 has an authentication bypass in /template/default/menu.php. The issue arises from injecting a crafted SQL payload into the name cookie parameter, enabling bypass of authentication. Documentation indicates a network-level vector with low confidentiality/integrity impact (...

6.5 CVSS · 5.9 AI score · 0.00058 EPSS
Exploits: 0 · References: 3

Cvelist
added 2026/05/27 12:00 a.m. · 36 views

CVE-2026-38930

OpenRapid RapidCMS v1.3.1 was discovered to contain an authentication bypass in the /template/default/menu.php component. This vulnerability is exploited via injecting a crafted SQL payload into the name cookie parameter...

0.00058 EPSS
Exploits: 0 · References: 3

Positive Technologies
added 2026/05/27 12:00 a.m. · 9 views

PT-2026-44038

OpenRapid RapidCMS v1.3.1 was discovered to contain an authentication bypass in the /template/default/menu.php component. This vulnerability is exploited via injecting a crafted SQL payload into the name cookie parameter...

5.9 AI score · 0.00058 EPSS
Exploits: 0 · References: 4

OSV
added 2024/02/03 2:15 a.m. · 1 view

CVE-2024-1200

A vulnerability was found in Jspxcms 10.2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /template/1/default/. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and...

6.5 CVSS · 4.8 AI score · 0.00096 EPSS
Exploits: 1 · References: 3

Positive Technologies
added 2024/02/02 12:00 a.m. · 3 views

PT-2024-17394 · Jspxcms · Jspxcms

Name of the Vulnerable Software and Affected Versions: Jspxcms version 10.2.0 Description: A vulnerability was found in Jspxcms and classified as problematic. It affects some unknown functionality of the file /template/1/default/. The manipulation leads to information disclosure. The attack may b...

6.5 CVSS · 5.5 AI score · 0.00096 EPSS
Exploits: 1 · References: 7

Prion
added 2018/11/22 9:29 p.m. · 13 views

Code injection

Discuz! X3.4 allows XSS via admin.php because admincp/admincpsetting.php and template\default\common\footer.htm mishandle the statcode field from third-party stats code...

3.5 CVSS · 4.9 AI score · 0.00235 EPSS
Exploits: 0 · References: 1 · Affected Software: 1