Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

23 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2014-7918

Malware in sbrugna...

4.3CVSS6.4AI score0.00225EPSS
Exploits2References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2014-7919

Malware in sbrugna...

6.8CVSS6.4AI score0.00396EPSS
Exploits2References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.5 views

EUVD-2022-2239

Malicious code in bioql PyPI...

4.8CVSS5AI score0.00952EPSS
Exploits4References7
Github Security Blog
Github Security Blogadded 2022/05/14 3:14 a.m.19 views

Pagekit Stored Cross-site Scripting

Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to upload malicious code via the picture upload feature. A user with elevated privileges could upload a photo to the system in an SVG format. This file will be uploaded to the system and it will not be stripped or filtered. The user...

4.8CVSS6.1AI score0.00952EPSS
Exploits4References5Affected Software1
CNVD
CNVDadded 2019/03/05 12:0 a.m.1 views

Joomla Zoo by YooTheme Components SQL Injection Vulnerability

Joomla is an open source content management system CMS. A SQL injection vulnerability exists in Joomla Zoo by YooTheme Components. An attacker can exploit this vulnerability to obtain sensitive database information...

7.9AI score
Exploits0References1
CNVD
CNVDadded 2019/03/05 12:0 a.m.1 views

Joomla Zoo by YooTheme Components Information Disclosure Vulnerability

Joomla is an open source content management system CMS. An information disclosure vulnerability exists in Joomla Zoo by YooTheme Components. An attacker can exploit this vulnerability to obtain sensitive information...

6.2AI score
Exploits0References1
Packet Storm
Packet Stormadded 2019/01/31 12:0 a.m.47 views

Joomla Zoo By YooTheme 3.3.10 Database Disclosure / SQL Injection

Exploit Title : Joomla Zoo by YooTheme Components 3.3.10 SQL Injection / Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 30/01/2019 Vendor Homepage : yootheme.com Software Download Link : yootheme.com/zoo Software Information Link :...

Exploits0
OSV
OSVadded 2018/06/02 1:29 a.m.13 views

CVE-2018-11564

Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to upload malicious code via the picture upload feature. A user with elevated privileges could upload a photo to the system in an SVG format. This file will be uploaded to the system and it will not be stripped or filtered. The user...

4.8CVSS5.2AI score
Exploits0References3
NVD
NVDadded 2018/06/02 1:29 a.m.13 views

CVE-2018-11564

Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to upload malicious code via the picture upload feature. A user with elevated privileges could upload a photo to the system in an SVG format. This file will be uploaded to the system and it will not be stripped or filtered. The user...

4.8CVSS5AI score0.00952EPSS
Exploits4References3
Prion
Prionadded 2018/06/02 1:29 a.m.24 views

Cross site scripting

Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to upload malicious code via the picture upload feature. A user with elevated privileges could upload a photo to the system in an SVG format. This file will be uploaded to the system and it will not be stripped or filtered. The user...

3.5CVSS5AI score0.00952EPSS
Exploits4References3Affected Software1
Cvelist
Cvelistadded 2018/06/01 9:0 p.m.19 views

CVE-2018-11564

Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to upload malicious code via the picture upload feature. A user with elevated privileges could upload a photo to the system in an SVG format. This file will be uploaded to the system and it will not be stripped or filtered. The user...

4.9AI score0.00952EPSS
Exploits4References3
CVE
CVEadded 2018/06/01 9:0 p.m.63 views

CVE-2018-11564

CVE-2018-11564 affects PageKit/YOOtheme Pagekit ≤ 1.0.13. A stored XSS occurs when a privileged user uploads an SVG image via the picture upload feature; the file is not stripped/filtered. An attacker can then craft a link to “/storage/poc.svg” that, when clicked by another user, triggers XSS. Co...

4.8CVSS4.8AI score0.00952EPSS
Exploits4References3Affected Software1
OpenVAS
OpenVASadded 2014/10/16 12:0 a.m.26 views

YOOtheme Pagekit CMS Multiple Vulnerabilities

Pagekit CMS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.6AI score0.00396EPSS
Exploits2References2
NVD
NVDadded 2014/10/14 2:55 p.m.10 views

CVE-2014-8070

Open redirect vulnerability in YOOtheme Pagekit CMS 0.8.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to index.php/user/logout...

6.8CVSS6.6AI score0.00396EPSS
Exploits2References1
NVD
NVDadded 2014/10/14 2:55 p.m.12 views

CVE-2014-8069

Multiple cross-site scripting XSS vulnerabilities in YOOtheme Pagekit CMS 0.8.7 allow remote attackers to inject arbitrary web script or HTML via the 1 HTTP Referer header to index.php/user or 2 PATHINFO to index.php...

4.3CVSS5.7AI score0.00225EPSS
Exploits2References1
Prion
Prionadded 2014/10/14 2:55 p.m.18 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in YOOtheme Pagekit CMS 0.8.7 allow remote attackers to inject arbitrary web script or HTML via the 1 HTTP Referer header to index.php/user or 2 PATHINFO to index.php...

4.3CVSS6AI score0.00225EPSS
Exploits2References1Affected Software1
Prion
Prionadded 2014/10/14 2:55 p.m.14 views

Open redirect

Open redirect vulnerability in YOOtheme Pagekit CMS 0.8.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to index.php/user/logout...

6.8CVSS7AI score0.00396EPSS
Exploits2References1Affected Software1
CVE
CVEadded 2014/10/14 2:0 p.m.45 views

CVE-2014-8069

CVE-2014-8069 affects YOOtheme Pagekit CMS 0.8.7. Multiple reflected XSS vulnerabilities allow remote attackers to inject arbitrary script/HTML via the HTTP Referer header to index.php/user or via PATH_INFO to index.php. Affected component is Pagekit’s index.php handling; root cause is improper v...

4.3CVSS5.8AI score0.00225EPSS
Exploits2References1Affected Software1
CVE
CVEadded 2014/10/14 2:0 p.m.43 views

CVE-2014-8070

Pagekit CMS 0.8.7 is affected by CVE-2014-8070, an open redirect vulnerability. A crafted value in the redirect parameter to index.php/user/logout can redirect users to arbitrary sites, enabling phishing via trust manipulation. The OpenVAS/NVD entries corroborate a cross-site redirect risk and th...

6.8CVSS6.8AI score0.00396EPSS
Exploits2References1Affected Software1
Cvelist
Cvelistadded 2014/10/14 2:0 p.m.26 views

CVE-2014-8070

Open redirect vulnerability in YOOtheme Pagekit CMS 0.8.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to index.php/user/logout...

6.6AI score0.00396EPSS
Exploits2References1
Rows per page
Query Builder