CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

NVD•added 2026/05/19 5:16 p.m.•11 views

CVE-2026-36829

An authentication bypass vulnerability exists in the embedded HTTP server of Panabit PAP-XM320 up to and including v7.7. The server validates session cookies using a filesystem existence check based on a user-controlled cookie value without proper sanitization, allowing directory traversal and...

9.8CVSS0.01268EPSS

Exploits0References2

CNNVD•added 2026/05/19 12:0 a.m.•6 views

Panabit PAP-XM320 操作系统命令注入漏洞

Panabit PAP-XM320 is an enterprise-level Internet access behavior management and traffic control gateway device developed by Panabit Corporation. Versions of Panabit PAP-XM320 prior to V7.7 contain a vulnerability related to operating system command injection. This vulnerability arises from the W...

5.4CVSS5.8AI score0.00743EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-47780

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00375EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 10:33 p.m.•6 views

CVE-2022-44849

A Cross-Site Request Forgery CSRF in the Administrator List of MetInfo v7.7 allows attackers to arbitrarily add Super Administrator account...

8.8CVSS7AI score0.00375EPSS

Exploits1References1

NVD•added 2022/12/07 3:15 a.m.•12 views

CVE-2022-44849

A Cross-Site Request Forgery CSRF in the Administrator List of MetInfo v7.7 allows attackers to arbitrarily add Super Administrator account...

8.8CVSS0.00375EPSS

Exploits1References1

Prion•added 2022/12/07 3:15 a.m.•17 views

Cross site request forgery (csrf)

A Cross-Site Request Forgery CSRF in the Administrator List of MetInfo v7.7 allows attackers to arbitrarily add Super Administrator account...

6.8CVSS8.7AI score0.00375EPSS

Exploits1References1Affected Software1

Cvelist•added 2022/12/07 12:0 a.m.•21 views

CVE-2022-44849

A Cross-Site Request Forgery CSRF in the Administrator List of MetInfo v7.7 allows attackers to arbitrarily add Super Administrator account...

8.9AI score0.00375EPSS

Exploits1References1

CVE•added 2022/12/07 12:0 a.m.•80 views

CVE-2022-44849

MetInfo v7.7 contains a CSRF in the Administrator List that allows an attacker to arbitrarily add a Super Administrator account. Affected component: Administrator List (MetInfo 7.7). Root cause: CSRF-vulnerability enabling unauthorized privilege elevation. Impact per sources: high confidentiality...

8.8CVSS8.7AI score0.00375EPSS

Exploits1References1Affected Software1

Packet Storm•added 2016/11/03 12:0 a.m.•24 views

WinaXe 7.7 Buffer Overflow

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WINAXE-FTP-CLIENT-REMOTE-BUFFER-OVERFLOW.txt + ISR: Apparition Security Vendor: ============ www.labf.com Product: ================ WinaXe v7.7 FTP The X Window System, SSH,...

0.4AI score

Exploits0

securityvulns•added 2015/03/21 12:0 a.m.•38 views

Cross-Site Scripting vulnerability in Websense Explorer report scheduler

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Websense Explorer report scheduler ------------------------------------------------------------------------ Han Sahin, September 2014...

1.1AI score

Exploits0

securityvulns•added 2015/03/21 12:0 a.m.•31 views

Websense Email Security vulnerable to persistent Cross-Site Scripting in audit log details view

------------------------------------------------------------------------ Websense Email Security vulnerable to persistent Cross-Site Scripting in audit log details view ------------------------------------------------------------------------ Han Sahin, September 2014...

1.2AI score

Exploits0

securityvulns•added 2015/03/21 12:0 a.m.•37 views

Error messages of Websense Content Gateway are vulnerable to Cross-Site Scripting

------------------------------------------------------------------------ Error messages of Websense Content Gateway are vulnerable to Cross-Site Scripting ------------------------------------------------------------------------ Han Sahin, September 2014...

0.6AI score

Exploits0

0day.today•added 2015/03/20 12:0 a.m.•34 views

Websense Appliance Manager Command Injection Vulnerability

Exploit for java platform in category web applications Abstract A command injection vulnerability was found in Websense Appliance Manager that allows an attacker to execute arbitrary code on the appliance. This issue can be combined with other vulnerabilities, like Cross-Site Scripting, to perfor...

7.1AI score

Exploits0

Packet Storm•added 2015/03/19 12:0 a.m.•42 views

Websense Reporting Cross Site Scripting

------------------------------------------------------------------------ Multiple Cross-Site Scripting vulnerabilities in Websense Reporting ------------------------------------------------------------------------ Han Sahin, September 2014...

7.4AI score

Exploits0

Packet Storm•added 2015/03/19 12:0 a.m.•32 views

Websense Appliance Manager Command Injection

------------------------------------------------------------------------ Command injection vulnerability in network diagnostics tool of Websense Appliance Manager ------------------------------------------------------------------------ Han Sahin, September 2014...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by