10 matches found
CVE-2026-33883
Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.16 and 6.7.2, the user:resetpasswordform tag could render user-input directly into HTML without escaping, allowing an attacker to craft a URL that executes arbitrary JavaScript in the victim's browser. Thi...
MiracleLinux 8 : postgresql:13 (AXSA:2024-9054:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9054:01 advisory. postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable...
EUVD-2024-54657
Malicious code in bioql PyPI...
PT-2024-21647 · Ckan · Ckan
Name of the Vulnerable Software and Affected Versions: CKAN versions prior to 2.9.11 CKAN versions prior to 2.10.4 Description: A user endpoint didn't perform filtering on an incoming parameter, which was added directly to the application log. This could lead to an attacker injecting false log...
Design/Logic Flaw
The Directorist plugin for WordPress is vulnerable to an arbitrary user password reset in versions up to, and including, 7.5.4. This is due to a lack of validation checks within login.php. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to reset th...
Nagios XI 5.2.6-5.4.12 - Chained Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nagios XI Chained Remote Code Execution', 'Description' = %q This module exploits a few different vulnerabilities in Nagios XI 5.2.6-5.4.12 to ga...
About SSV-ID: 4474 POC analysis and reflection-vulnerability warning-the black bar safety net
SSV-ID: 4474 SSV-AppDir: Discuz! Vulnerability Published: 2008-11-21 GMT+0800 URL: http://sebug.net/vuldb/ssvid-4474 A very old vulnerability, just as the study of penetration of a material of the bale, with its poc, the direct can be used, it feel so magical at the same time want to analyz...
PHP Classifieds Remote User Reset Password Vulnerability
Exploit for php platform in category web applications Exploit Title: PHP Classifieds Remote User Reset Password Vulnerability Google Dork: allintext: Welcome to PHP Classifieds Date: 23/03/2011 Author: Daniel Godoy Author Mail: DanielGodoyatGobiernoFederaldotcom Author Web:...
PHP MatchMaker Remote User Reset Password Vulnerability
Exploit for php platform in category web applications Exploit Title : PHP MatchMaker Remote User Reset Password Vulnerability Google Dork: allintext: Powered by PHP MatchMaker Date: 23/03/2011 Author: Daniel Godoy Author Mail: DanielGodoyatGobiernoFederaldotcom Author Web:...
Problems with netstat in AIX
An unprivileged user can reset the network statistics information...