CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

Packet Storm News•added 5 days ago•2 views

A Lightweight Hybrid MLP-Based Framework for Real-Time Phishing URL Detection Using Structural URL Features

Phishing attacks remain a major cybersecurity threat, exploiting deceptive URLs to steal sensitive user information. Traditional blacklist and rule-based detection approaches are reactive and often fail to identify newly emerging phishing URLs. This paper proposes a lightweight hybrid framework f...

5.8AI score

Exploits0

Positive Technologies•added 2026/04/24 12:0 a.m.•1 views

PT-2026-34854

The HM Books Gallery plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 4.8.0. This is due to the absence of capability checks and nonce verification in the admin init hook that handles the permalink settings update at line 205-209 of wp-books-gallery.php...

5.3CVSS5.8AI score0.00028EPSS

Exploits0References8

EUVD•added 2025/12/12 6:31 a.m.•1 views

EUVD-2025-202992

The IMAQ Core plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. This is due to missing nonce validation on the URL structure settings update functionality. This makes it possible for unauthenticated attackers to update the plugin's URL...

4.3CVSS4.9AI score0.00011EPSS

Exploits0References4

NVD•added 2025/12/12 4:15 a.m.•1 views

CVE-2025-13363

4.3CVSS0.00011EPSS

Exploits0References3

Vulnrichment•added 2025/12/12 3:20 a.m.•2 views

CVE-2025-13363 IMAQ Core <= 1.2.1 - Cross-Site Request Forgery to URL Structure Update

4.3CVSS5AI score0.00011EPSS

Exploits0References3

Positive Technologies•added 2025/12/12 12:0 a.m.•1 views

PT-2025-50817

4.3CVSS5.4AI score0.00011EPSS

Exploits0References4

Packet Storm News•added 2025/06/21 12:0 a.m.•4 views

PhishDebate: an LLM-Based Multi-Agent Framework for Phishing Website Detection

Phishing websites continue to pose a significant cybersecurity threat, often leveraging deceptive structures, brand impersonation, and social engineering tactics to evade detection. While recent advances in large language models LLMs have enabled improved phishing detection through contextual...

6.8AI score

Exploits0

Malwarebytes•added 2022/05/17 2:41 p.m.•17 views

Long lost @ symbol gets new life obscuring malicious URLs

Threat actors have rediscovered an old and little-used feature of web URLs, the innocuous @ symbol we usually see in email addresses, and started using it to obscure links to their malicious websites. Researchers from Perception Point noticed it being used in a cyberattack against multiple...

6.8AI score

Exploits0

Hacker One•added 2016/08/20 6:0 p.m.•31 views

Airbnb: ████ discloses valid Airbnb SSO login names via Google Search Results

Hello, There is an Information leakage type weakness present on ███████ which supposedly works as a Single Sign On SSO gateway for Airbnb's corporate services. The weakness is present due to lack of robots exclusions policy file robots.txt present on this domain which allows web crawlers such as...

6.6AI score

Exploits0

The Hacker News•added 2012/09/14 8:28 a.m.•5 views

BlackHole Exploit Kit 2.0 released with more latest Exploits

According to release announcement on Pastebin by unknown developers in a Russian-language BlackHole Exploit Kit 2.0 released with more latest Exploits. BlackHole is one of the most dominant exploit toolkits currently available in the underground market. It enables attackers to exploit security...

6.8AI score

Exploits0

xssed•added 2007/11/19 12:0 a.m.•11 views

Unfixed Redirect vulnerability at www.namninsamling.se

Security researcher Uber0n, has submitted on 19/11/2007 a Redirect vulnerability affecting www.namninsamling.se, which at the time of submission ranked 926966 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 23/11/2007. It is currently unfixed. ...

Exploits0References1