6 matches found

Cvelist
added 2025/08/27 3:32 a.m. | 7 views

CVE-2025-9505 Campcodes Online Loan Management System ajax.php sql injection

A flaw has been found in Campcodes Online Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=saveloantype. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVSS 7.5 | EPSS 0.0009
Exploits: 1 | References: 5

Tenable Nessus
added 2025/08/18 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2023-31418

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to ex...

CVSS 7.5 | AI score 7.2 | EPSS 0.00762
Exploits: 0 | References: 2

CNNVD
added 2024/04/26 12:0 a.m. | 1 views

Mattermost security vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions 9.5.x through 9.5.3 and 8.1.x through 8.1.12, which stems from the presence of an issue where a team administrator can promote a guest to a team...

CVSS 2.7 | AI score 6.8 | EPSS 0.00139
Exploits: 0 | References: 3

BDU FSTEC
added 2022/01/20 12:0 a.m. | 0 views

The vulnerability of the Node.js software platform, related to inconsistent interpretation of HTTP requests, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Node.js software platform is related to unauthorized HTTP request exports. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service failures...

CVSS 9.8 | EPSS 0.32252
Exploits: 0 | References: 11 | Affected Software: 5

RedHat Linux
added 2020/10/28 6:24 p.m. | 1 views

Django: Incorrect HTTP detection with reverse-proxy connecting via HTTPS

An HTTP detection flaw was discovered in Django. If deployed behind a reverse-proxy connecting to Django via HTTPS, django.http.HttpRequest.scheme incorrectly detected client requests made using HTTP as using HTTPS. This resulted in incorrect results for is_secure() and build_absolute_uri(), and HTTP...

CVSS 5.3 | AI score 7.2 | EPSS 0.04217
Exploits: 0 | References: 5

BDU FSTEC
added 2020/07/31 12:0 a.m. | 1 views

The vulnerability of Microsoft SharePoint Server and SharePoint Enterprise Server, related to insufficient cleaning of web requests, allows attackers to perform cross-site scripting attacks.

The vulnerability of Microsoft SharePoint Server and SharePoint Enterprise Server lies in insufficient cleaning of web requests. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks by sending specially crafted web requests to the vulnerable servers...

CVSS 5.4 | EPSS 0.01104
Exploits: 0 | References: 2