
9 matches found

CNNVD
added 2026/03/20 12:0 a.m., 4 views

File Thingie Security Vulnerability

File Thingie is a file manager personally developed by Frances Leese. Version 2.5.7 of File Thingie has a security vulnerability, which stems from the improper handling of the function for creating folders from URLs. This vulnerability may lead to directory traversal attacks...

4.3 CVSS, 5.8 AI score, 0.00093 EPSS
Exploits 0, References 2

Github Security Blog
added 2026/02/19 8:44 p.m., 4 views

Pannellum has a XSS vulnerability in hot spot attributes

Impact: The hot spot attributes configuration property allowed any attribute to be set, including HTML event handler attributes, allowing for potential XSS attacks. This affects websites hosting the standalone viewer HTML file and any other use of untrusted JSON config files bypassing the...

6.1 CVSS, 6.1 AI score, 0.00028 EPSS
Exploits 0, References 4, Affected Software 1

RedhatCVE
added 2025/12/31 11:6 a.m., 3 views

CVE-2025-69023

Missing Authorization vulnerability in Marketing Fire Discussion Board wp-discussion-board allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Discussion Board: from n/a through <= 2.5.7...

4.3 CVSS, 7 AI score, 0.0003 EPSS
Exploits 0, References 1

NVD
added 2025/12/30 11:16 a.m., 1 views

CVE-2025-69023

Missing Authorization vulnerability in Marketing Fire Discussion Board wp-discussion-board allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Discussion Board: from n/a through <= 2.5.7...

4.3 CVSS, 0.0003 EPSS
Exploits 0, References 1

Positive Technologies
added 2025/12/18 12:0 a.m., 1 views

PT-2025-52321

Name of the Vulnerable Software and Affected Versions: File Thingie version 2.5.7. Description: The software contains an authenticated file upload issue that enables remote attackers to upload malicious PHP zip archives to the web server. Attackers can create a custom PHP payload, upload and unzip i...

9.4 CVSS, 7.5 AI score, 0.00117 EPSS
Exploits 1, References 8

Positive Technologies
added 2025/11/28 12:0 a.m., 3 views

PT-2025-48318

app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site-admin...

4.1 CVSS, 6.9 AI score, 0.00041 EPSS
Exploits 0, References 3

RedhatCVE
added 2025/11/26 3:45 a.m., 5 views

CVE-2025-10646

The Search Exclude plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the Base::getrestpermission method in all versions up to, and including, 2.5.7. This makes it possible for authenticated attackers, with Contributor-level access an...

4.3 CVSS, 5.6 AI score, 0.00036 EPSS
Exploits 0, References 1

OSV
added 2024/09/18 12:15 a.m., 1 views

CVE-2024-43988

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in digitalnature Mystique allows Stored XSS. This issue affects Mystique: from n/a through 2.5.7...

5.4 CVSS, 5.8 AI score, 0.00211 EPSS
Exploits 0, References 1

Patchstack
added 2024/04/26 12:9 p.m., 3 views

WordPress Radio Station plugin <= 2.5.7 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery (CSRF) vulnerability discovered by Dhabaleshwar Das (Patchstack Alliance) in WordPress Plugin Radio Station (versions <= 2.5.7)...

4.3 CVSS, 7 AI score, 0.002 EPSS
Exploits 0, Affected Software 1