Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

NOZOMI
NOZOMIadded 2026/05/19 12:0 a.m.7 views

HTML injection in Users in Guardian/CMC before 26.1.0

Summary A Stored HTML Injection vulnerability was discovered in the Users functionality due to improper validation of an input parameter. Impact An authenticated user with administrative privileges can create a malicious user whose username contains HTML tags. When a victim attempts to delete a...

5.9CVSS5.8AI score0.00029EPSS
Exploits0Affected Software2
SUSE CVE
SUSE CVEadded 2026/05/13 3:54 p.m.5 views

SUSE CVE-2017-1000065

Multiple Cross-site scripting XSS vulnerabilities in rpc.php in OpenMediaVault release 2.1 in Access Rights ManagementUsers functionality allows attackers to inject arbitrary web scripts and execute malicious scripts within an authenticated client's browser...

6.1CVSS6.5AI score0.00346EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2019-0777

Malware in sbrugna...

5.3CVSS5.2AI score0.01546EPSS
Exploits0References8
RedhatCVE
RedhatCVEadded 2025/05/22 10:47 p.m.6 views

CVE-2022-3026

The WP Users Exporter plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.2 via the 'Export Users' functionality. This makes it possible for authenticated attackers, such as a subscriber, to add untrusted input into profile information like First Names that...

8.8CVSS7AI score0.01108EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 10:41 p.m.7 views

CVE-2022-28436

Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php=display=Hide=...

9.8CVSS8.3AI score0.00264EPSS
Exploits1References1
Tenable Nessus
Tenable Nessusadded 2025/04/02 12:0 a.m.3 views

Webmin < 2.100 Multiple Vulnerabilities

According to its self-reported version, the Webmin install hosted on the remote host is prior to 2.100. It is, therefore, affected by multiple vulnerabilities: - A Cross-Site Scripting XSS vulnerability exists in the Users Real name parameter. - A Cross-Site Scripting XSS vulnerability exists in...

6.1CVSS6AI score0.00649EPSS
Exploits9References11
Prion
Prionadded 2021/05/13 4:15 p.m.16 views

Code injection

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The ability to enumerate users was possible without relevant permissions due to different handling depending on whether the user existed or not when attempting to use the switch users functionality. ...

5CVSS5.2AI score0.00337EPSS
Exploits1References7Affected Software2
UbuntuCve
UbuntuCveadded 2021/05/13 4:15 p.m.31 views

CVE-2021-21424

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The ability to enumerate users was possible without relevant permissions due to different handling depending on whether the user existed or not when attempting to use the switch users functionality. ...

5.3CVSS6.1AI score0.00337EPSS
Exploits1References6
Cvelist
Cvelistadded 2021/05/13 12:0 a.m.16 views

CVE-2021-21424 Prevent user enumeration using Guard or the new Authenticator-based Security

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The ability to enumerate users was possible without relevant permissions due to different handling depending on whether the user existed or not when attempting to use the switch users functionality. ...

5.3CVSS5.8AI score0.00337EPSS
Exploits1References7
Rows per page
Query Builder