7 matches found
Pi.Alert SQL Injection Vulnerability
Pi.Alert is a WIFI/LAN intrusion detector developed by the individual developer jokob-sk. Versions of Pi.Alert prior to version 2026-05-07 contained an SQL injection vulnerability. This vulnerability stemmed from improper handling of the action and scansource parameters in requests sent to...
PT-2025-40025
Name of the Vulnerable Software and Affected Versions: MegaSys Telenium Online Web Application (affected versions not specified). Description: The Telenium Online Web Application contains a critical command injection flaw stemming from an insecurely terminated regular expression check within a PHP...
Information Exposure
Overview: Affected versions of this package are vulnerable to Information Exposure via the q URL parameter in the /api/v2.0/users endpoint. An attacker can retrieve sensitive password hash and salt values by abusing the filtering capability to extract this information character by character. Note:...
CVE-2025-25245
SAP BusinessObjects Business Intelligence Platform Web Intelligence contains a deprecated web application endpoint that is not properly secured. An attacker could take advantage of this by injecting a malicious URL in the data returned to the user. On successful exploitation, there could be a...
CVE-2025-25245 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Intelligence)
SAP BusinessObjects Business Intelligence Platform Web Intelligence contains a deprecated web application endpoint that is not properly secured. An attacker could take advantage of this by injecting a malicious URL in the data returned to the user. On successful exploitation, there could be a...
CVE-2025-25245
CVE-2025-25245 affects SAP BusinessObjects BI Platform (Web Intelligence). A deprecated web application endpoint that is not properly secured allows injection of a malicious URL via data returned to the user, enabling cross-site scripting within the victim’s browser. Impacts are limited to confid...
SAS Stored Process Web Application Cross-Site Scripting Vulnerability
The SAS Stored Process Web Application is a stored procedure web application from SAS. A cross-site scripting vulnerability exists in SAS Stored Process Web Application versions 9.4M7 and 9.4M8, which stems from a reflected cross-site scripting (XSS) vulnerability in the program parameter of the...