Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Nuclei
Nucleiadded yesterday17 views

mojoPortal <=2.9.0.1 - Directory Traversal

mojoPortal =2.9.0.1 is vulnerable to Directory Traversal via BetterImageGallery API Controller - ImageHandler Action. An attacker can exploit this vulnerability to access the Web.Config file and obtain the MachineKey. id: CVE-2025-28367 info: name: mojoPortal =2.9.0.1 - Directory Traversal author...

6.5CVSS7.3AI score0.02128EPSS
Exploits1References3
RedhatCVE
RedhatCVEadded 2026/04/02 4:56 p.m.3 views

CVE-2026-0522

A local file inclusion vulnerability in the upload/download flow of the VertiGIS FM application allows authenticated attackers to read arbitrary files from the server by manipulating a file's path during its upload. When the file is subsequently downloaded, the file in the attacker controlled pat...

8.8CVSS6.5AI score0.00608EPSS
Exploits1References1
Tenable Nessus
Tenable Nessusadded 2025/11/07 12:0 a.m.9 views

Gladinet CentreStack <= 16.7.10368.56560 Local File Inclusion

Gladinet CentreStack through 16.7.10368.56560 fixed in 16.10.10408.56683 contain an unauthenticated Local File I nclusion LFI vulnerability CVE-2025-11371 that allows an attacker to read sensitive files notably Web.config without authentication; attackers observed exploiting this in the wild have...

9.8CVSS9AI score0.92287EPSS
Exploits8References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2022-28456

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.02139EPSS
Exploits1References1
NVD
NVDadded 2025/04/21 4:15 p.m.17 views

CVE-2025-28367

mojoPortal =2.9.0.1 is vulnerable to Directory Traversal via BetterImageGallery API Controller - ImageHandler Action. An attacker can exploit this vulnerability to access the Web.Config file and obtain the MachineKey...

6.5CVSS0.02128EPSS
Exploits1References2
CVE
CVEadded 2025/04/21 12:0 a.m.119 views

CVE-2025-28367

mojoPortal

6.5CVSS7AI score0.02128EPSS
In wildExploits1References2Affected Software1
CNVD
CNVDadded 2016/09/03 12:0 a.m.2 views

Arbitrary File Download Vulnerability in Beijing Zhiqingweiye Submission System

Beijing Zhiqingweiye Submission System is a CMS system for all kinds of topics or magazines, which can be submitted remotely. The product has an arbitrary file download vulnerability, the vulnerability URL is: /Admin/Upload/Index?path=%2Fweb.config&fileName=%E9%99%84%E5%9B%BE&Browser=IE, an...

7.2AI score
Exploits0References1
CNVD
CNVDadded 2015/06/23 12:0 a.m.1 views

File Containment Vulnerability in Hangzhou Ancai Network Reimbursement System (CNVD-2017-02374)

Hangzhou Ancai Network Reimbursement System is an online reimbursement system that supports online bill of lading and online approval for employees, bidding farewell to paper transmission and improving the timeliness, safety and standardization of information transmission. A file inclusion...

7AI score
Exploits0References1
Rows per page
Query Builder