7 matches found

Snyk
added 2026/04/16 6:31 p.m., 3 views

Incorrect Authorization

Overview: silverstripe/assets is an asset module that is a required component of SilverStripe Framework. Affected versions of this package are vulnerable to Incorrect Authorization via the DBFile::getURL process. An attacker can gain unauthorized access to protected files by exploiting the way access grants...

CVSS 6.9, AI score 5.6, EPSS 0.00013
Exploits: 0, References: 2
OSV
added 2025/06/10 2:49 p.m., 2 views

CVE-2024-40625 GeoServer Coverage REST API Allows Server Side Request Forgery

GeoServer is an open source server that allows users to share and edit geospatial data. The Coverage REST API /workspaces/workspaceName/coveragestores/storeName/method.format allows attackers to upload files with a specified URL (with method equal to 'url') with no restriction. This vulnerability is fix...

CVSS 5.5, AI score 6.7, EPSS 0.003
Exploits: 0, References: 5
OSV
added 2022/11/25 6:30 p.m., 11 views

GHSA-8C2C-JXWJ-JQGF Browsershot does not validate URL protocols passed to Browsershot URL method

Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the URL protocol passed to the Browsershot::url method...

CVSS 8.2, AI score 8, EPSS 0.00336
Exploits: 1, References: 4
CNNVD
added 2022/06/02 12:00 a.m., 3 views

npm jquery-validation Security Vulnerability

npm jquery-validation is a form insertion validation application provided by npm, Inc. npm jquery-validation version 1.19.3 contains a denial of service vulnerability, which stems from the fact that an attacker who is able to provide arbitrary input to the url2 method can trigger a denial of...

CVSS 7.5, AI score 5.8, EPSS 0.01057
Exploits: 1, References: 3
Github Security Blog
added 2022/05/17 5:22 a.m., 10 views

Silverstripe XSS Vulnerabilities

Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe 2.3.x before 2.3.13 and 2.4.x before 2.4.7 allow remote attackers to inject arbitrary web script or HTML via a crafted string to the AbsoluteLinks, BigSummary, ContextSummary, EscapeXML, FirstParagraph, FirstSentence, ...

CVSS 4.3, AI score 6, EPSS 0.00295
Exploits: 1, References: 9, Affected Software: 1
Exploit DB
added 2007/10/30 12:00 a.m., 25 views

phpFaber URLInn 2.0.5 - 'dir_ws' Remote File Inclusion

AI score 7
Exploits: 0
securityvulns
added 2002/10/17 12:00 a.m., 36 views

File deletion via Windows XP Help Center

By using an hcp:// URL it's possible to remove file system objects...

AI score 2.9
Exploits: 0, References: 2