Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Positive Technologies
Positive Technologiesadded 2026/02/22 12:0 a.m.2 views

PT-2026-21437

microASP Portal+ CMS contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the explode tree parameter. Attackers can send crafted requests to pagina.phtml with SQL injection payloads using extractvalue and...

8.8CVSS6.2AI score0.00046EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2025/06/27 12:16 a.m.5 views

CVE-2025-25905

Cross-Site Scripting XSS vulnerability in CADClick v1.13.0 and before allows remote attackers to inject arbitrary web script or HTML via the "tree" parameter...

7.1CVSS5.6AI score0.00262EPSS
Exploits1References1
OSV
OSVadded 2025/06/25 4:15 p.m.3 views

CVE-2025-25905

Cross-Site Scripting XSS vulnerability in CADClick v1.13.0 and before allows remote attackers to inject arbitrary web script or HTML via the "tree" parameter...

7.1CVSS6AI score0.00262EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2025/06/25 12:0 a.m.4 views

PT-2025-26836 · Cadclick · Cadclick

Name of the Vulnerable Software and Affected Versions: CADClick versions 1.13.0 and earlier Description: The issue allows remote attackers to inject arbitrary web script or HTML via the tree parameter, enabling Cross-Site Scripting XSS attacks. Recommendations: For CADClick versions 1.13.0 and...

7.1CVSS5.5AI score0.00262EPSS
Exploits1References6
SUSE CVE
SUSE CVEadded 2023/02/15 6:14 a.m.17 views

SUSE CVE-2006-4517

Novell iManager 2.5 and 2.0.2 allows remote attackers to cause a denial of service crash in the Tomcat server via a long TREE parameter in an HTTP POST, which triggers a NULL pointer dereference...

7.8CVSS6.8AI score0.02914EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2019/10/04 9:48 p.m.18 views

CVE-2008-0785

Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the 1 graphlist parameter to graphview.php, 2 leafid and id parameters to tree.php, 3 localgraphid parameter to graphxport.php, and 4...

7.5CVSS8.4AI score0.03843EPSS
Exploits3References3
OSV
OSVadded 2019/05/24 6:29 p.m.2 views

CVE-2018-17843

SQL injection exists in ADD Clicking MLM Software 1.0, Binary MLM Software 1.0, Level MLM Software 1.0, Singleleg MLM Software 1.0, Autopool MLM Software 1.0, Investment MLM Software 1.0, Bidding MLM Software 1.0, Moneyorder MLM Software 1.0, Repurchase MLM Software 1.0, and Gift MLM Software 1.0...

9.8CVSS5.8AI score0.00602EPSS
Exploits0References2
Check Point Advisories
Check Point Advisoriesadded 2010/08/03 12:0 a.m.2 views

Novell iManager Tree Name Denial of Service (CVE-2010-1930)

Novell iManager is a web-based administration console that provides management of many other Novell products. The iManager service itself is a Java web application running on top of the Tomcat application container. A denial of service vulnerability exists in Novell iManager. The vulnerability is...

5CVSS6.3AI score0.23049EPSS
Exploits6
Rows per page
Query Builder