10 matches found

RedhatCVE
added 2026/01/09 11:23 a.m. · 6 views

CVE-2021-31858

DotNetNuke DNN 9.9.1 CMS is vulnerable to a Stored Cross-Site Scripting vulnerability in the user profile biography section which allows remote authenticated users to inject arbitrary code via a crafted payload...

CVSS 5.4 · AI score 6 · EPSS 0.00234
Exploits: 0 · References: 1
EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2019-18452

Malware in sbrugna...

CVSS 5.4 · AI score 5.5 · EPSS 0.00206
Exploits: 1 · References: 2
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2005-0900

Malware in sbrugna...

CVSS 2.1 · AI score 6.4 · EPSS 0.00094
Exploits: 0 · References: 2
EUVD
added 2025/10/03 8:07 p.m. · 2 views

EUVD-2025-21227

Malicious code in bioql PyPI...

CVSS 8.8 · AI score 6.6 · EPSS 0.00268
Exploits: 1 · References: 5
Prion
added 2024/02/13 10:15 p.m. · 26 views

Default configuration

A user who changes their email after signing up and verifying it can do so without verification in profile settings. The configuration option "verifyemailenabled" validates email only on sign up...

CVSS 5.5 · AI score 7.1 · EPSS 0.00219
Exploits: 1 · References: 2
Positive Technologies
added 2023/04/12 12:00 a.m. · 2 views

PT-2023-22202 · Xwiki · Xwiki

Name of the Vulnerable Software and Affected Versions: XWiki versions prior to 14.8RC1

Description: The HTML macro in XWiki does not properly neutralize script-related HTML tags, allowing any user who can use the HTML macro to introduce an XSS attack. This is particularly dangerous in a standard...

CVSS 9.9 · AI score 5.1 · EPSS 0.02135
Exploits: 1 · References: 8
Github Security Blog
added 2022/05/13 1:24 a.m. · 8 views

OctoberCMS Cross-Site Scripting

Cross-Site Scripting exists in OctoberCMS 1.0.425 aka Build 425, allowing a least privileged user to upload an SVG file containing malicious code as the Avatar for the profile. When this is opened by the Admin, it causes JavaScript execution in the context of the Admin account...

CVSS 5.4 · AI score 6.4 · EPSS 0.02409
Exploits: 5 · References: 5 · Affected Software: 1
seebug.org
added 2014/07/01 12:00 a.m. · 21 views

Enthrallweb eNews 1.0 - Remote User Pass Change Exploit

No description provided by source.

AI score 7.1
Exploits: 0
exploitpack
added 2008/08/28 12:00 a.m. · 14 views

OpenDB 1.0.6 - user_profile.php?redirect_url Cross-Site Scripting

Source: https://www.securityfocus.com/bid/30989/info

Open Media Collectors Database (OpenDb) is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may levera...

AI score 6.8
Exploits: 0
securityvulns
added 2003/11/10 12:00 a.m. · 32 views

sql injection in phpbb

I found a vulnerability in phpbb 2.0.5 and prior; it probably also affects 2.0.6. This bug doesn't affect version 2.0.7. phpbb has a list of registered users; when you click on a member of this list, you are requesting data from the database, for example:...

AI score 0.3
Exploits: 0