CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

WeGIA is a web manager for charitable institutions. An SQL Injection vulnerability was identified in the /html/funcionario/profilefuncionario.php endpoint. The idfuncionario parameter is not properly sanitized or validated before being used in a SQL query, allowing an unauthenticated attacker to...

9.8CVSS7.5AI score0.00606EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 8:59 a.m.•3 views

CVE-2024-6398

An information disclosure vulnerability in SWG in versions 12.x prior to 12.2.10 and 11.x prior to 11.2.24 allows information stored in a customizable block page to be disclosed to third-party websites due to Same Origin Policy Bypass of browsers in certain scenarios. The risk is low, because oth...

5.3CVSS6.1AI score0.00071EPSS

Exploits0References1

Patchstack•added 2025/04/09 5:46 p.m.•3 views

WordPress Insert HTML Here plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by johska Patchstack Alliance in WordPress Plugin Insert HTML Here versions = 1.0...

7.1CVSS7AI score0.00669EPSS

Exploits0Affected Software1

GithubExploit•added 2025/01/24 9:50 p.m.•363 views

Exploit for CVE-2024-3673

CVE-2024-3673 CVE-2024-3673 Exploit: Local File Inclusion in W...

9.1CVSS6.1AI score0.92159EPSS

Exploits2

OSV•added 2024/07/15 9:15 a.m.•1 views

CVE-2024-6398

5.3CVSS5.8AI score0.00071EPSS

Exploits0References1

F5 Networks•added 2024/05/20 3:40 p.m.•27 views

K000139692: Websense vulnerabilities CVE-2006-2035 and CVE-2010-5144

Security Advisory Description CVE-2006-2035 Websense, when configured to permit access to the dynamic content category, allows local users to bypass intended blocking of the Uncategorized category by appending a "/?" sequence to a URL. CVE-2010-5144 The ISAPI Filter plug-in in Websense Enterprise...

4.3CVSS6.3AI score0.00121EPSS

Exploits1

HackRead•added 2023/11/01 10:14 p.m.•60 views

Mandiant Tracks Four Uncategorized Groups Exploiting Citrix Vulnerability

By Waqas Mandiant Investigates Zero-Day Exploitation in Citrix Vulnerability, CVE-2023-4966. This is a post from HackRead.com Read the original post: Mandiant Tracks Four Uncategorized Groups Exploiting Citrix Vulnerability...

5CVSS7.2AI score0.94348EPSS

Exploits15

Prion•added 2006/04/26 12:6 a.m.•12 views

Design/Logic Flaw

Websense, when configured to permit access to the dynamic content category, allows local users to bypass intended blocking of the Uncategorized category by appending a "/?" sequence to a URL...

3.7CVSS6.8AI score0.00065EPSS

Exploits0References4

NVD•added 2006/04/26 12:6 a.m.•11 views

CVE-2006-2035

Websense, when configured to permit access to the dynamic content category, allows local users to bypass intended blocking of the Uncategorized category by appending a "/?" sequence to a URL...

3.7CVSS6.3AI score0.00065EPSS

Exploits0References4

Cvelist•added 2006/04/26 12:0 a.m.•18 views

CVE-2006-2035

Websense, when configured to permit access to the dynamic content category, allows local users to bypass intended blocking of the Uncategorized category by appending a "/?" sequence to a URL...

6.3AI score0.00065EPSS

Exploits0References4

CVE•added 2006/04/26 12:0 a.m.•47 views

CVE-2006-2035

The connected advisory confirms CVE-2006-2035 affects Websense when configured to permit the dynamic content category, enabling local users to bypass blocking of the Uncategorized category by appending a "/?" sequence to a URL. The CVSS data in the initial record indicates a low overall risk (AV:...

3.7CVSS6.3AI score0.00065EPSS

Exploits0References4Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by