13 matches found

Snyk
added 2026/03/20 5:25 p.m. | 1 views

Incorrect Authorization

Overview: Affected versions of this package are vulnerable to Incorrect Authorization via the RemoveProjectBackground process. An attacker can permanently delete background images by sending a DELETE request to the relevant API endpoint with only read-level permissions. Remediation: Upgrade...

CVSS 5.4 | AI score 6.4 | EPSS 0.00056
Exploits 1 | References 2
Vulnrichment
added 2025/12/29 2:32 p.m. | 2 views

CVE-2025-15192 D-Link DWR-M920 formLtefotaUpgradeQuectel sub_415328 command injection

A security vulnerability has been detected in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub415328 of the file /boafrm/formLtefotaUpgradeQuectel. Such manipulation of the argument fotaurl leads to command injection. The attack can be executed remotely. The exploit has been...

CVSS 6.5 | AI score 6.5 | EPSS 0.00076
Exploits 1 | References 6
OSV
added 2025/12/29 2:15 p.m. | 0 views

CVE-2025-15191

A weakness has been identified in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub4155B4 of the file /boafrm/formLtefotaUpgradeFibocom. This manipulation of the argument fotaurl causes command injection. Remote exploitation of the attack is possible. The exploit has been mad...

CVSS 8.8 | AI score 5.6 | EPSS 0.00076
Exploits 1 | References 6
Packet Storm
added 2025/12/10 12:0 a.m. | 131 views

📄 YOURLS 1.8.2 SQL Injection

Proof of concept for a remote SQL injection vulnerability in YOURLS version 1.8.2. Title: YOURLS 1.8.2 SQL Injection & System Compromise in Administrati...

CVSS 7.4 | AI score 8.2 | EPSS 0.00598
Exploits 5
OSV
added 2023/12/28 5:15 a.m. | 0 views

CVE-2023-50445

Shell Injection vulnerability in GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7, allows local attackers to execute arbitrary code via the getsystemlog and...

CVSS 7.8 | AI score 6.1 | EPSS 0.03125
Exploits 4 | References 2
NVD
added 2023/12/28 5:15 a.m. | 26 views

CVE-2023-50445

Shell Injection vulnerability in GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7, allows local attackers to execute arbitrary code via the getsystemlog and...

CVSS 7.8 | EPSS 0.03125
Exploits 4 | References 2
ATTACKERKB
added 2023/12/28 5:15 a.m. | 1 views

CVE-2023-50445

Shell Injection vulnerability in GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7, allows local attackers to execute arbitrary code via the getsystemlog and...

CVSS 7.8 | AI score 7.5 | EPSS 0.03125
Exploits 4 | References 4
Prion
added 2023/12/28 5:15 a.m. | 20 views

Sql injection

Shell Injection vulnerability in GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7, allows local attackers to execute arbitrary code via the getsystemlog and...

CVSS 4.3 | AI score 8.1 | EPSS 0.03125
Exploits 4 | References 2 | Affected Software 12
Cvelist
added 2023/12/28 12:0 a.m. | 22 views

CVE-2023-50445

Shell Injection vulnerability in GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6, MT2500 v4.4.6, MT6000 v4.5.0, MT1300 v4.3.7, MT300N-V2 v4.3.7, AR750S v4.3.7, AR750 v4.3.7, AR300M v4.3.7, and B1300 v4.3.7, allows local attackers to execute arbitrary code via the getsystemlog and...

AI score 8.8 | EPSS 0.03125
Exploits 4 | References 2
CNVD
added 2016/11/14 12:0 a.m. | 1 views

Dotclear Unrestricted File Upload Vulnerability

Dotclear is free PHP and MySQL-based blog publishing software developed by Olivier Meunier. An unrestricted file upload vulnerability exists in the Blog appearance in the 'Install or upgrade manually' module of Dotclear 2.10.4 and earlier versions. A remote attacker can...

CVSS 9 | AI score 7.7 | EPSS 0.00875
Exploits 0 | References 1
Exploit DB
added 2009/02/04 12:0 a.m. | 32 views

Jaws 0.8.8 - Multiple Local File Inclusions

Jaws 0.8.8 Local File Inclusion POST /upgrade/index.php language=../../../../../../../../../../../../etc/passwd%00 POST /install/index.php language=../../../../../../../../../../../../etc/passwd%00 Also vulnerable: Introductioncomplete uselog Author notified: Jan 24 milw0rm.com 2009-02-04...

AI score 7.4
Exploits 0
Packet Storm
added 2009/02/03 12:0 a.m. | 21 views

Jaws 0.8.8 Local File Inclusion

Jaws 0.8.8 Local File Inclusion POST /upgrade/index.php language=../../../../../../../../../../../../etc/passwd%00 POST /install/index.php language=../../../../../../../../../../../../etc/passwd%00 Also vulnerable: Introductioncomplete uselog Author notified: Jan 24...

Exploits 0
Tenable Nessus
added 2004/07/26 12:0 a.m. | 44 views

EasyWeb FileManager pathtext Traversal Arbitrary File/Directory Access

The remote host is running a version of the EasyWeb FileManager module that is vulnerable to a directory traversal attack. An attacker may use this flaw to read arbitrary files on the remote server by sending malformed requests like :...

CVSS 5 | AI score 5.8 | EPSS 0.0754
Exploits 1 | References 3