
1297 matches found

Vulnrichment
added 2024/10/01 3:40 p.m. | 15 views

CVE-2024-47071 OSS Endpoint Manager allows unauthorized access to read system files

OSS Endpoint Manager is an endpoint manager module for FreePBX. OSS Endpoint Manager module activation can allow authenticated web users unauthorized access to read system files with the permissions of the webserver process. This vulnerability is fixed in 14.0.4...

CVSS 6.8 | AI score 6.4 | EPSS 0.00175
Exploits: 0 | References: 2

NVD
added 2021/06/21 11:15 p.m. | 12 views

CVE-2010-1433

Joomla! Core is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate...

CVSS 9.8 | EPSS 0.00017
Exploits: 0 | References: 2

Cvelist
added 2021/06/21 10:13 p.m. | 14 views

CVE-2010-1433

Joomla! Core is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate...

AI score 9.6 | EPSS 0.00017
Exploits: 0 | References: 2

Github Security Blog
added 2019/11/22 1:45 p.m. | 83 views

Apache Airflow vulnerable to XSS and local file disclosure

A malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views. This also presented a Local File Disclosure vulnerability to any file readable by the webserver process...

CVSS 4.8 | AI score 5.9 | EPSS 0.00745
Exploits: 0 | References: 5 | Affected Software: 1

OSV
added 2019/11/22 1:45 p.m. | 19 views

GHSA-Q3P4-GW7R-WQJC Apache Airflow vulnerable to XSS and local file disclosure

A malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views. This also presented a Local File Disclosure vulnerability to any file readable by the webserver process...

CVSS 4.8 | AI score 5.4 | EPSS 0.00745
Exploits: 0 | References: 6

Cvelist
added 2019/10/30 9:4 p.m. | 16 views

CVE-2019-12417

A malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views. This also presented a Local File Disclosure vulnerability to any file readable by the webserver process...

AI score 5.4 | EPSS 0.00745
Exploits: 0 | References: 1

Packet Storm
added 2018/11/29 12:0 a.m. | 108 views

WordPress sermon-shortcodes 1.0 Arbitrary File Download

Exploit Title : WordPress sermon-shortcodes 1.0 Plugins Arbitrary File Download Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 27/11/2018 Vendor Homepage : wordpress.org sermonmanager.pro...

AI score 7.4
Exploits: 0

Check Point Advisories
added 2015/08/12 12:0 a.m. | 3 views

PhpGedView File Inclusion and PHP Code Injection Vulnerabilities (CVE-2011-0405)

PhpGedView is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process...

CVSS 6.8 | AI score 3.2 | EPSS 0.09891
Exploits: 2

0day.today
added 2015/03/20 12:0 a.m. | 29 views

Oracle NoSQL 11g 1.1.100 R2 - 'log' Parameter Directory Traversal Vulnerability

Exploit for java platform in category web applications source: http://www.securityfocus.com/bid/50567/info Oracle NoSQL is prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain...

AI score 7.1
Exploits: 0

securityvulns
added 2014/09/29 12:0 a.m. | 97 views

Glype proxy cookie jar path traversal allows code execution

Glype proxy cookie jar path traversal allows code execution. Securify, September 2014...

AI score 3.2
Exploits: 0

seebug.org
added 2014/09/29 12:0 a.m. | 11 views

LittleSite 0.1 'file' Parameter Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/43495/info LittleSite is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to...

AI score 7.1
Exploits: 0

exploitpack
added 2014/09/23 12:0 a.m. | 24 views

LittleSite 0.1 - index.php Local File Inclusion

LittleSite 0.1 - index.php Local File Inclusion source: https://www.securityfocus.com/bid/43495/info LittleSite is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive...

AI score 7.4
Exploits: 0

0day.today
added 2014/09/23 12:0 a.m. | 23 views

LittleSite 0.1 Local File Include Vulnerability

Exploit for php platform in category web applications source: http://www.securityfocus.com/bid/43495/info LittleSite is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive...

CVSS 7.5 | AI score 6.6 | EPSS 0.02619
Exploits: 3

Check Point Advisories
added 2014/08/27 12:0 a.m. | 1 views

Web Servers Joomla Remote File Inclusion

Joomla component is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This...

AI score 5.3
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 25 views

Global Centre Aplomb Poll 1.1 vote.php Madoa Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/25138/info Aplomb Poll is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 59 views

Mambo/Joomla Com_comprofiler 1.0 Plugin.class.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19725/info The Mambo and Joomla com_comprofiler component is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 15 views

PHPBB 2.0.x Template.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18255/info The phpBB application is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include a...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 17 views

FD Script 1.3.x FName Parameter Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22265/info FD Script is prone to an information-disclosure vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 9 views

Absolute News Manager .NET 5.1 pages/default.aspx template Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues. Attackers can exploit these issues to steal...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 11 views

YACS 6.6.1 - Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19799/info YACS is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file...

AI score 7.1
Exploits: 0