Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

Debian CVE
Debian CVEadded 2026/05/25 8:13 p.m.7 views

CVE-2026-48850

PuTTY 0.72 before 0.84 has a double free in RSA KEX...

5.9CVSS5.8AI score0.00055EPSS
Exploits0
EUVD
EUVDadded 2025/10/29 3:31 p.m.1 views

EUVD-2025-36651

Jenkins MCP Server Plugin does not perform permission checks in multiple MCP tools...

5.4CVSS6.4AI score0.00017EPSS
Exploits0References3
CNNVD
CNNVDadded 2024/07/10 12:0 a.m.2 views

GLPI Security Vulnerabilities

GLPI is an open source IT and asset management software from an individual developer. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner and i...

8.1CVSS6.7AI score0.05259EPSS
Exploits0References2
Prion
Prionadded 2023/04/05 4:15 p.m.10 views

Server side request forgery (ssrf)

GLPI is a free asset and IT management software package. Starting in version 0.84 and prior to versions 9.5.13 and 10.0.7, usage of RSS feeds is subject to server-side request forgery SSRF. In case the remote address is not a valid RSS feed, an RSS autodiscovery feature is triggered. This feature...

5.5CVSS6.5AI score0.00243EPSS
Exploits0References4Affected Software1
0day.today
0day.todayadded 2017/01/26 12:0 a.m.43 views

WordPress Google Forms Plugin unauthenticated PHP Object injection vulnerability

Exploit for php platform in category web applications Abstract A PHP Object injection vulnerability was found in the Google Forms WordPress Plugin, which can be used by an unauthenticated user to instantiate arbitrary PHP Objects. Using this vulnerability it is possible to execute arbitrary PHP...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2016/07/13 12:0 a.m.27 views

WordPress Google Forms 0.84 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Google Forms WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016...

0.1AI score
Exploits0
exploitpack
exploitpackadded 2009/08/14 12:0 a.m.16 views

PHP Competition System 0.84 - competition SQL Injection

PHP Competition System 0.84 - competition SQL Injection Viva IslaM Viva IslaM Remote SQL Injection Vulnerability showmatchs.php competition PHP Competition System BETA = V0.84 http://phpcompet.free.fr/ http://phpcompet.free.fr/downloaden.html AuTh0r : Mr.SQL H0ME : WwW.55a.NeT Email :...

0.4AI score
Exploits0
securityvulns
securityvulnsadded 2005/05/28 12:0 a.m.435 views

[Full-disclosure] ClamAV: Local Privilege Escalation Vulnerability On MacOS [SCN Advisory #04]

The full, up-to-date advisory will be maintained here: http://www.sentinelchicken.com/advisories/clamav/ For your convenience, a text version is included below. tim -- CLAMAV: LOCAL PRIVILEGE ESCALATION VULNERABILITY ON MACOS =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= TABLE OF...

0.3AI score
Exploits0
CVE
CVEadded 2002/06/25 4:0 a.m.54 views

CVE-2001-1074

Summary: CVE-2001-1074 affects Webmin 0.84 and earlier. The vulnerability arises because Webmin does not properly clear the HTTP_AUTHORIZATION environment variable when the web server restarts, causing authentication information to be exposed to all CGI programs and enabling local privilege escal...

7.2CVSS6.5AI score0.00149EPSS
Exploits1References5Affected Software1
securityvulns
securityvulnsadded 2001/05/29 12:0 a.m.42 views

Webmin Doesn't Clean Env (root exploit)

Not sure if this is known, however I know I've seen quite a few people still using webmin 0.84. Webmin doesn't seem to clean the env properly when starting apache probably in other cases as well It leaves the var HTTPAUTHORIZATION set. All you need to do is run it though a mime 64 decode and you...

Exploits0
Rows per page
Query Builder