
36 matches found

GithubExploit
added 2026/04/06 6:55 p.m., 83 views

pentest-agent

Pentest Agent AI-powered penetration testing agent using Clau...

5.9 AI score
Exploits 0

GithubExploit
added 2026/04/06 6:55 p.m., 85 views

VulnHive-AI

Pentest Agent AI-powered penetration testing agent using Clau...

5.9 AI score
Exploits 0

GithubExploit
added 2026/03/26 11:4 a.m., 148 views

AppSec-Penetration-Testing-Lab

🔐 AppSec Penetration Testing Lab A hands-on application sec...

6.2 AI score
Exploits 0

GithubExploit
added 2025/12/26 4:30 a.m., 145 views

OIBSIP_-SQL-Injection-on-DVWA-Low-Security-

This project demonstrates a basic SQL Injection vulnerability us...

8 AI score
Exploits 0

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-42810

Malicious code in bioql PyPI...

9.1 CVSS, 9.2 AI score, 0.00193 EPSS
Exploits 0, References 2

Packet Storm
added 2024/11/01 12:0 a.m., 375 views

SmartAgent 1.1.0 Remote Code Execution

Exploit Title: SmartAgent v1.1.0 - Unauthenticated Remote Code Execution Date: 01-10-2024 Exploit Author: Alter Prime Vendor Homepage: https://smarts-srlcom.com/, https://smartagent.com Version: Build v1.1.0 Tested on: Kali Linux An unauthenticated user can access a php script called...

7.4 AI score
Exploits 0

NVD
added 2024/10/22 5:15 p.m., 9 views

CVE-2024-49210

Reflected XSS was discovered in an iView List Archer Platform UX page in Archer Platform 6.x before version 2024.09. A remote unauthenticated attacker could potentially exploit this by tricking a victim application user into supplying malicious HTML or JavaScript code to the vulnerable web...

6.1 CVSS, 0.00336 EPSS
Exploits 0, References 2

Cvelist
added 2024/04/09 12:52 a.m., 14 views

CVE-2024-27898 Server-Side Request Forgery in SAP NetWeaver

SAP NetWeaver application, due to insufficient input validation, allows an attacker to send a crafted request from a vulnerable web application targeting internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request...

5.3 CVSS, 5.5 AI score, 0.0022 EPSS
Exploits 0, References 2

CNNVD
added 2024/04/09 12:0 a.m., 1 views

SAP NetWeaver Code Issue Vulnerability

SAP NetWeaver is a service-oriented integrated application platform from the German company SAP. The platform mainly provides a development and runtime environment for SAP applications. A code issue vulnerability exists in SAP NetWeaver that stems from insufficient input validation, which c...

5.3 CVSS, 6.9 AI score, 0.0022 EPSS
Exploits 0, References 4

Vulnrichment
added 2024/02/21 12:0 a.m., 10 views

CVE-2024-26311

Archer Platform 6.x before 6.14 P2 HF1 6.14.0.2.1 contains a reflected XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this by tricking a victim application user into supplying malicious JavaScript code to the vulnerable web application. This code is then...

5.7 CVSS, 6 AI score, 0.00139 EPSS
Exploits 0, References 2

Cvelist
added 2024/02/21 12:0 a.m., 15 views

CVE-2024-26311

Archer Platform 6.x before 6.14 P2 HF1 6.14.0.2.1 contains a reflected XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this by tricking a victim application user into supplying malicious JavaScript code to the vulnerable web application. This code is then...

5.7 CVSS, 5.5 AI score, 0.00139 EPSS
Exploits 0, References 2

OSV
added 2023/12/04 9:15 a.m., 1 views

CVE-2023-44301

Dell DM5500 5.14.0.0 and prior contain a Reflected Cross-Site Scripting Vulnerability. A network attacker with low privileges could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable...

5.4 CVSS, 5.9 AI score, 0.0042 EPSS
Exploits 0, References 1

Prion
added 2023/05/22 8:15 p.m., 12 views

Command injection

In Wcms 0.3.2, an attacker can send a crafted request from a vulnerable web application backend server /wcms/wex/html.php via the finish parameter and the textAreaCode parameter. It can write arbitrary strings into custom file names and upload any files, and write malicious code to execute script...

7.5 CVSS, 9.6 AI score, 0.01229 EPSS
Exploits 1, References 1, Affected Software 1

Huntr
added 2023/04/29 1:51 p.m., 96 views

Stored XSS and CSP Bypass in KiwiTCMS

Description Stored XSS, also known as persistent XSS, is the more damaging of the XSS. It occurs when a malicious script is injected directly into a vulnerable web application. Due to a sanitization problem it is possible to perform a Stored XSS. The problem is that the upload function permit...

6.2 AI score
Exploits 0

Hacker One
added 2023/03/04 11:5 p.m., 11 views

U.S. Dept Of Defense: XSS Reflected

A reflected XSS vulnerability was discovered in the web asset, allowing an attacker to inject and execute malicious code in a victim's browser...

6.3 AI score
Exploits 0

NVD
added 2022/11/17 11:15 p.m., 14 views

CVE-2022-39181

GLPI - Reports plugin for GLPI Reflected Cross-Site-Scripting RXSS. Type 1: Reflected XSS or Non-Persistent - The server reads data directly from the HTTP request and reflects it back in the HTTP response. Reflected XSS exploits occur when an attacker causes a victim to supply dangerous content t...

6.1 CVSS, 0.00356 EPSS
Exploits 0, References 1

Hacker One
added 2022/04/06 9:18 p.m., 28 views

Omise: Cross-site scripting on dashboard2.omise.co

Summary: Cross-site scripting XSS is an attack vector that injects malicious code into a vulnerable web application. Stored XSS, also known as persistent XSS, is the more damaging of the two. It occurs when a malicious script is injected directly into a vulnerable web application. Steps To...

0.8 AI score
Exploits 0

Packet Storm
added 2022/03/31 12:0 a.m., 176 views

Message System 1.0 Cross Site Scripting

Title: Message System 1.0 1.0 XSS Stored Author: Hejap Zairy Date: 29.07.2022 Vendor: https://www.sourcecodester.com/php/15249/message-system-phpoop-free-source-code.html Software:https://www.sourcecodester.com/sites/default/files/download/oretnom23/pmms1.zip Reference:...

7.4 AI score
Exploits 0

Cvelist
added 2022/03/09 3:34 p.m., 21 views

CVE-2022-24915 ICSA-22-062-01 IPCOMM ipDIO

The absence of filters when loading some sections in the web application of the vulnerable device allows attackers to inject malicious code that will be interpreted when a legitimate user accesses the web section where the information is displayed. Injection can be done on specific parameters. Th...

8 CVSS, 8.9 AI score, 0.00333 EPSS
Exploits 0, References 1

GithubExploit
added 2022/01/08 6:45 a.m., 1175 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

vuln4japi A vulnerable Java based REST API for demonstrating C...

10 CVSS, 9.2 AI score, 0.94358 EPSS
Exploits 343