7 matches found
Exploit for CVE-2024-2876
CVE-2024-2876 - SQL Injection Vulnerability in Email Subscribe...
PT-2024-22566 · Icegram Express · Email Subscribers
Name of the Vulnerable Software and Affected Versions: Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress versions up to, and including, 5.7.14 Description: The issue is related to SQL Injection via the run function of...
GHSA-6VFQ-JMXG-G58R Shopware contains sensitive data in backend customer module
Impact The request for the customer detail view in the backend administration contained sensitive data like the hashed password and the session ID. Patches We recommend updating to the current version 5.7.15. You can get the update to 5.7.15 regularly via the Auto-Updater or directly via the...
Shopware access control list bypassed via crafted specific URLs
Impact If backend admin controllers are called with a certain notation, the ACL could be bypassed. Users could execute actions, which they are normally not able to do. Patches We recommend updating to the current version 5.7.15. You can get the update to 5.7.15 regularly via the Auto-Updater or...
CVE-2022-36102 Access control list bypassed via crafted specific URLs
Shopware is an open source e-commerce software. In affected versions if backend admin controllers are called with a certain notation, the ACL could be bypassed. Users could execute actions, which they are normally not able to do. Users are advised to update to the current version 5.7.15. Users ca...
USN-3078-1 mysql-5.5, mysql-5.7 vulnerability
Dawid Golunski discovered that MySQL incorrectly handled configuration files. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. MySQL has been updated to 5.5.52 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 16.04 LTS has been updated to MySQL 5.7.1...
Oracle MySQL Unspecified Vulnerability-01 (Sep 2016) - Linux
Oracle MySQL is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; ifdescripti...