Lucene search
K
ZdtMost viewed

39001 matches found

0day.today
0day.today
added 2019/04/06 12:0 a.m.380 views

WordPress Form Maker 1.13.2 Cross Site Request Forgery / Local File Inclusion Vulnerabilities

WordPress Form Maker plugin version 1.13.2 suffers from cross site request forgery and local file inclusion vulnerabilities. Title: Form Maker by WD CSRF / LFI Exploit Author: Panagiotis Vagenas Vendor Homepage: http://web-dorado.com/ Software Link: https://wordpress.org/plugins/form-maker Versio...

7.1AI score
Exploits0
0day.today
0day.today
added 2012/04/10 12:0 a.m.380 views

Simple Help Desk Remote Upload Vulnerability

Exploit for php platform in category web applications Author : L3b-r1'z Title : Simple Help Desk Remote Upload Vulnerability Email : email protected Site : Sec4Leb.Com Download : http://simplehelpdesk.com/helpdeskfinal.zip Dork : allintitle: "Help Desk - Log In" Upload Vuln + P0c : First Register...

7.1AI score
Exploits0
0day.today
0day.today
added 2024/04/05 12:0 a.m.379 views

User Registration And Login And User Management System 3.2 SQL Injection Vulnerability

Exploit Title: User Registration & Login and User Management System v3.2 - SQL Injection Unauthenticated Exploit Author: Yusuf DİNÇ Google Dork: NA Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/user-registration-login-and-user-management-system-with-admin-panel/...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/03/11 12:0 a.m.379 views

WordPress Duplicator Plugin < 1.5.7.1 - Unauthenticated Sensitive Data Exposure Account Takeover

Exploit Title: WordPress Plugin Duplicator 1.5.7.1 - Unauthenticated Sensitive Data Exposure to Account Takeover Google Dork: inurl:"plugins/duplicator/" Date: 2023-12-04 Exploit Author: Dmitrii Ignatyev Vendor Homepage:...

7.5CVSS7.7AI score0.30894EPSS
Exploits5
0day.today
0day.today
added 2023/10/09 12:0 a.m.379 views

GLPI GZIP(Py3) 9.4.5 - Remote Code Execution Exploit

!/usr/bin/env python3 Exploit Title: GLPI GZIPPy3 9.4.5 - RCE Date: 08-30-2021 Exploit Authors: Brian Peters & n3rada Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi/releases Version: 0.8.5-9.4.5 Tested on: Exploit ran on Kali 2021. GLPI Ran on Windo...

8.8CVSS8.8AI score0.10949EPSS
Exploits7
0day.today
0day.today
added 2023/09/18 12:0 a.m.379 views

Academy LMS 6.2 Cross Site Scripting Vulnerability

Exploit Title: Academy LMS 6.2 - Reflected XSS Exploit Author: CraCkEr Vendor: Creativeitem Vendor Homepage: https://creativeitem.com/ Software Link: https://demo.creativeitem.com/academy/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site CVE: CVE-2023-4973 CWE: CWE-79 - CWE-74...

6.1CVSS5.2AI score0.01835EPSS
Exploits4
0day.today
0day.today
added 2023/09/11 12:0 a.m.379 views

Wordpress Elementor 3.5.5 Plugin - Iframe Injection Vulnerability

Exploit Title: Wordpress Plugin Elementor 3.5.5 - Iframe Injection Exploit Author: Miguel Santareno Vendor Homepage: https://elementor.com/ Version: 3.5.5 Tested on: Google and Firefox latest version CVE : CVE-2022-4953 1. Description The plugin does not filter out user-controlled URLs from being...

6.1CVSS6.3AI score0.02027EPSS
Exploits5
0day.today
0day.today
added 2023/08/16 12:0 a.m.379 views

Hyip Rio 2.1 Cross Site Scripting / File Upload Vulnerabilities

Exploit Title: Hyip Rio 2.1 - Arbitrary File Upload Exploit Author: CraCkEr Vendor: tdevs Vendor Homepage: https://tdevs.co/ Software Link: https://hyiprio-feature.tdevs.co/ Tested on: Windows 10 Pro Impact: Allows User to upload files to the web server CVE: CVE-2023-4382 Description Allows...

5.4CVSS7.1AI score0.01131EPSS
Exploits4
0day.today
0day.today
added 2023/04/12 12:0 a.m.379 views

Google Chrome Browser 111.0.5563.64 AXPlatformNodeCocoa Denial Of Service Exploit

Google Chrome Browser version 111.0.5563.64 suffers from an AXPlatformNodeCocoa fatal out-of-memory denial of service vulnerability on macOS. Google Chrome Browser 111.0.5563.64 AXPlatformNodeCocoa Fatal OOM/Crash macOS Vendor: Google LLC Product web page: https://www.google.com Affected version:...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/03/30 12:0 a.m.379 views

4images 1.9 - Remote Command Execution Vulnerability

Exploit Title: 4images 1.9 - Remote Command Execution RCE Exploit Author: Andrey Stoykov Software Link: https://www.4homepages.de/download-4images Version: 1.9 Tested on: Ubuntu 20.04 To reproduce do the following: 1. Login as administrator user 2. Browse to "General" - " Edit Templates" - "Selec...

7.1AI score
Exploits0
0day.today
0day.today
added 2022/06/29 12:0 a.m.379 views

AnyDesk 7.0.9 Arbitrary File Write / Denial Of Service Vulnerabilities

Exploit Title: AnyDesk allow arbitrary file write by symbolic link attack lead to denial-of-service attack on local machine Exploit Author: Erwin Chan Vendor Homepage: https://anydesk.com/en Software Link: https://anydesk.com/en Version: 7.0.9 Tested on: Windows 11 It was found that AnyDesk versi...

0.6AI score
Exploits0
0day.today
0day.today
added 2022/05/24 12:0 a.m.379 views

Blockchain FiatExchanger 2.2.1 SQL Injection Vulnerability

Information Vulnerability Name : Remote Blind SQL Injections in Inout Blockchain FiatExchanger Product : Inout Blockchain FiatExchanger version : 2.2.1 Vendor Site : https://www.inoutscripts.com/products/inout-blockchain-fiatexchanger/ Exploit Detail :...

0.7AI score
Exploits0
0day.today
0day.today
added 2022/02/05 12:0 a.m.379 views

Korenix Technology JetWave CSRF / Command Injection / Missing Authentication Vulnerabilities

Korenix Technology JetWave products JetWave 2212X, JetWave 2212S, JetWave 2212G, JetWave 2311, and JetWave 3220 suffer from unauthenticated device administration, cross site request forgery, multiple command injection, and unauthenticated tftp action vulnerabilities...

9.8CVSS0.8AI score0.23282EPSS
Exploits11
0day.today
0day.today
added 2024/02/28 12:0 a.m.378 views

Blood Bank v1.0 - Multiple SQL Injection Vulnerability

Exploit Title: Blood Bank v1.0 SQL Injection Vulnerability Exploit Author: Ersin Erenler Vendor Homepage: https://code-projects.org/blood-bank-in-php-with-source-code Software Link: https://download-media.code-projects.org/2020/11/BloodBankInPHPWithSourcecode.zip Version: 1.0 Tested on:...

5.5CVSS7.4AI score0.00394EPSS
Exploits9
0day.today
0day.today
added 2024/01/02 12:0 a.m.378 views

FTPDMIN 0.96 Denial Of Service Exploit

!/usr/bin/perl use Net::FTP; Exploit Title: FTPDMIN 0.96 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 2024-01-01 Vendor Homepage: https://www.sentex.ca/mwandel/ftpdmin/ Download to demo: https://drive.google.com/file/d/1CpfvaJbJVxR3HPWvcxIVipTaTj7RAaLd/view?usp=sharing...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/12/04 12:0 a.m.378 views

GaatiTrack Courier Management System 1.0 SQL Injection Vulnerability

Exploit Title: GaatiTrack Courier Management System v1.0 - SQL Injection Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.mayurik.com/ Software Link: https://www.mayurik.com/source-code/P0998/best-courier-management-system-project-in-php Version: v1.0 Teste...

9.8CVSS7.4AI score0.01092EPSS
Exploits3
0day.today
0day.today
added 2023/04/06 12:0 a.m.379 views

Dompdf 1.2.1 - Remote Code Execution Exploit

!/usr/bin/python3 Exploit Title: Dompdf 1.2.1 - Remote Code Execution RCE Date: 16 February 2023 Exploit Author: Ravindu Wickramasinghe @rvizx9 Vendor Homepage: https://dompdf.github.io/ Software Link: https://github.com/dompdf/dompdf Version: 1.2.1 Tested on: Kali linux CVE : CVE-2022-28368 Gith...

9.8CVSS9.2AI score0.82438EPSS
Exploits8
0day.today
0day.today
added 2022/12/10 12:0 a.m.378 views

ILIAS eLearning 7.15 Command Injection / XSS / LFI / Open Redirect Vulnerabilities

ILIAS eLearning versions 7.15 and below suffer from authenticated command injection, persistent cross site scripting, local file inclusion, and open redirection vulnerabilities. ======================================================================= title: Multiple critical vulnerabilities produc...

8.8CVSS0.1AI score0.04657EPSS
Exploits6
0day.today
0day.today
added 2022/09/09 12:0 a.m.378 views

InTouch Access Anywhere Secure Gateway 2020 R2 Path Traversal Vulnerability

Title: ====== AVEVA InTouch Access Anywhere Secure Gateway - Path Traversal Author: ======= Jens Regel, CRISEC IT-Security CVE: ==== CVE-2022-23854 Advisory: ========= https://crisec.de/advisory-aveva-intouch-access-anywhere-secure-gateway-path-traversal/ Timeline: ========= 25.06.2021...

7.5CVSS7.8AI score0.45957EPSS
Exploits5
0day.today
0day.today
added 2022/08/15 12:0 a.m.378 views

Readymade Job Portal Script SQL Injection Vulnerability

Readymade Job Portal Script suffers from a remote SQL injection vulnerability. The researcher requested version information from the vendor while reporting the vulnerability but the company has been unresponsive. ┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐...

7.9AI score
Exploits0
0day.today
0day.today
added 2021/11/15 12:0 a.m.378 views

KONGA 0.14.9 - Privilege Escalation Exploit

Exploit Title: KONGA 0.14.9 - Privilege Escalation Exploit Author: Fabricio Salomao & Paulo Trindade @paulotrindadec Vendor Homepage: https://github.com/pantsel/konga Software Link: https://github.com/pantsel/konga/archive/refs/tags/0.14.9.zip Version: 0.14.9 Tested on: Linux - Ubuntu 20.04.3 LTS...

7.1AI score
Exploits0
0day.today
0day.today
added 2021/11/01 12:0 a.m.378 views

CODESYS 2.4.7.0 Denial Of Service Exploit

======================================================================= title: CODESYS V2 Denial of Service product: CODESYS Runtime Toolkit 32-bit, CODESYS PLCWinNT vulnerable version: V2.4.7.56 fixed version: V2.4.7.56 CVE number: CVE-2021-34593 impact: High homepage: https://www.codesys.com/...

7.5CVSS7.5AI score0.02649EPSS
Exploits4
0day.today
0day.today
added 2020/04/14 12:0 a.m.378 views

Vesta Control Panel 0.9.8-26 - Authenticated Remote Code Execution Exploit

This Metasploit module exploits an authenticated command injection vulnerability in the v-list-user-backups bash script file in Vesta Control Panel to gain remote code execution as the root user. This module requires Metasploit: https://metasploit.com/download Current source:...

9CVSS0.9AI score0.77261EPSS
Exploits7
0day.today
0day.today
added 2023/03/30 12:0 a.m.377 views

Concrete5 CME v9.1.3 - Xpath injection Vulnerability

Exploit Title: Concrete5 CME v9.1.3 - Xpath injection Author: nu11secur1ty Vendor: https://www.concretecms.org/ Software: https://www.concretecms.org/download Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/concretecms.org/2022/concretecms-9.1.3 Description: The URL...

6.8AI score
Exploits0
0day.today
0day.today
added 2022/06/04 12:0 a.m.377 views

IIPImage Remote Memory Corruption Exploit

IIPImage is distributed with a server that enables advanced, high-performance image manipulation for web-based streaming and viewing of high resolution images. The server component called iipsrv.fcgi processes requests from users and passes them to command handlers. Several crashes including an...

7.5CVSS8.4AI score0.01177EPSS
Exploits2
0day.today
0day.today
added 2021/07/21 12:0 a.m.377 views

Sage X3 Administration Service Authentication Bypass / Command Execution Exploit

This Metasploit module leverages an authentication bypass exploit within Sage X3 AdxSrv's administration protocol to execute arbitrary commands as SYSTEM against a Sage X3 Server running an available AdxAdmin service. This module requires Metasploit: https://metasploit.com/download Current source...

10CVSS8.5AI score0.70268EPSS
Exploits7
0day.today
0day.today
added 2020/07/27 12:0 a.m.377 views

Webtareas 2.1p - Arbitrary File Upload (Authenticated) Vulnerability

Exploit for php platform in category web applications Exploit Title: Webtareas 2.1p - Arbitrary File Upload Authenticated Author: AppleBois Exploit author : AppleBois Vendor Hompage:https://sourceforge.net/projects/webtareas/ Version: 2.1 && 2.1p Tested on: Window 10 64 bit environment || XAMPP...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/01/03 12:0 a.m.377 views

Linux (CUPSD 1.x.x/2.x.x) Remote 0day Exploit

Yields user 'lp' shell. Targets Debian/RHEL/Ubuntu and more...

1.6AI score
Exploits0
0day.today
0day.today
added 2019/03/16 12:0 a.m.377 views

Webmin 1.900 Upload Authenticated Remote Command Execution Exploit

This Metasploit module exploits an arbitrary command execution vulnerability in Webmin 1.900 and lower versions. Any user authorized to the "Upload and Download" module can execute arbitrary commands with root privileges. In addition, if the Running Processes proc privilege is set the user can...

0.6AI score
Exploits0
0day.today
0day.today
added 2010/11/01 12:0 a.m.377 views

Easyreplicasrl - Remote SQL Injection Vulnerability

Exploit for php platform in category web applications =================================================== Easyreplicasrl - Remote SQL Injection Vulnerability =================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'...

7.1AI score
Exploits0
0day.today
0day.today
added 2024/03/06 12:0 a.m.376 views

CSZ CMS Version 1.3.0 - Authenticated Remote Command Execution Exploit

Exploit Title: CSZ CMS Version 1.3.0 Remote Command Execution Exploit Author: tmrswrr Vendor Homepage: https://www.cszcms.com/ Software Link: https://www.cszcms.com/link/3https://sourceforge.net/projects/cszcms/files/latest/download Version: Version 1.3.0 Tested on:...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/01/06 12:0 a.m.376 views

Terramaster TOS 4.2.15 - Remote Code Execution Exploit

Exploit Title: Terramaster TOS 4.2.15 - Remote Code Execution RCE Unauthenticated Exploit Author: n0tme thatsn0tmysite Full Write-Up: https://thatsn0tmy.site/posts/2021/12/how-to-summon-rces/ Vendor Homepage: https://www.terra-master.com/ Version: TOS 4.2.X 4.2.15-2107141517 Tested on: 4.2.15,...

7.4AI score
Exploits0
0day.today
0day.today
added 2016/10/27 12:0 a.m.376 views

Joomla 3.4.4 - 3.6.4 - Account Creation / Privilege Escalation Exploit

Exploit for php platform in category web applications Source: https://github.com/XiphosResearch/exploits/tree/master/Joomraa While analysing the recent Joomla exploit in comusers:user.register we came across a problem with the upload whitelisting. They don't allow files containing SetHandler...

7.5CVSS9AI score0.97426EPSS
Exploits15
0day.today
0day.today
added 2012/10/03 12:0 a.m.376 views

Diy21 CMS v3.10 (product.php) SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Diy21 CMS v3.10 product.php SQL Injection Vulnerability Date: 03-10-2012 Author: Mouh Marvel-Dz Facebook : http://www.facebook.com/mouh.marvel Category: webapps Google dork: intext:"Powered by: Diy21 CMS v3.10"...

7.1AI score
Exploits0
0day.today
0day.today
added 2024/11/24 12:0 a.m.375 views

CUPS IPP Attributes LAN Remote Code Execution Exploit

This Metasploit module exploits vulnerabilities in OpenPrinting CUPS, which is running by default on most Linux distributions. The vulnerabilities allow an attacker on the LAN to advertise a malicious printer that triggers remote code execution when a victim sends a print job to the malicious...

9CVSS8.3AI score0.76959EPSS
Exploits17
0day.today
0day.today
added 2024/09/11 12:0 a.m.375 views

ASIS 3.2.0 SQL Injection Vulnerability

Aplikasi Sistem Sekolah using CodeIgniter 3 versions 3.0.0 through 3.2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass...

9.8CVSS10AI score0.36297EPSS
Exploits3
0day.today
0day.today
added 2024/02/05 12:0 a.m.375 views

Bank Locker Management System SQL Injection Vulnerability

Exploit Title: Bank Locker Management System - SQL Injection Application: Bank Locker Management System Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/bank-locker-management-system-using-php-and-mysql/ Tested on: Windows ...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/01/29 12:0 a.m.375 views

Vinchin Backup And Recovery 7.2 SystemHandler.class.php Command Injection Vulnerability

CVE ID: CVE-2024-22903 Title: Command Injection Vulnerability in SystemHandler.class.php of Vinchin Backup & Recovery Versions 7.2 and Earlier Description: A significant security vulnerability, CVE-2024-22903, has been identified in the deleteUpdateAPK function within the SystemHandler.class.php...

8.8CVSS7.2AI score0.01861EPSS
Exploits4
0day.today
0day.today
added 2023/06/27 12:0 a.m.375 views

Apache Druid JNDI Injection Remote Code Execution Exploit

This Metasploit module is designed to exploit the JNDI injection vulnerability in Druid. The vulnerability specifically affects the indexer/v1/sampler interface of Druid, enabling an attacker to execute arbitrary commands on the targeted server. The vulnerability is found in Apache Kafka clients...

8.8CVSS9.5AI score0.95302EPSS
Exploits8
0day.today
0day.today
added 2022/11/21 12:0 a.m.375 views

WordPress BeTheme 26.5.1.4 PHP Object Injection Vulnerability

ADVISORY INFORMATION ======================= Product: Betheme Vendor URL: https://muffingroup.com/betheme/ Type: Deserialization of Untrusted Data CWE-502 Date found: 2022-11-02 Date published: 2022-11-18 CVSSv3 Score: 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE: CVE-2022-3861 2...

8.8CVSS0.1AI score0.01984EPSS
Exploits5
0day.today
0day.today
added 2021/10/04 12:0 a.m.375 views

Online-Food-Ordering-Web-App SQL Injection Vulnerability

CVE-2021-41647 SQL Injection in Online-Food-Ordering-Web-App The Online-Food-Ordering-Web-App is vulnerable to un-authenticated error and time-based blind SQL Injection attacks. The username parameter on the /login.php page does not sanitize the user input, an attacker is able to bypass the login...

9.1CVSS0.2AI score0.01944EPSS
Exploits4
0day.today
0day.today
added 2020/03/04 12:0 a.m.375 views

EyesOfNetwork AutoDiscovery Target Command Execution Exploit

This Metasploit module exploits multiple vulnerabilities in EyesOfNetwork version 5.3 and prior in order to execute arbitrary commands as root. This module takes advantage of a command injection vulnerability in the target parameter of the AutoDiscovery functionality within the EON web interface ...

9.8CVSS10.4AI score0.91874EPSS
Exploits12
0day.today
0day.today
added 2012/12/17 12:0 a.m.375 views

DataLife Engine DLE Forum plugin 2.x SQL Injection Exploit (0day)

DLE Forum is the most popular plugin for DataLife Engine CMS that is widely used by warez sites. Exploit is using blind sql injection and discovers all the admin hashes. Dork has more than 1 million google results. totally 0day. This is private exploit. You can buy it at https://0day.today...

7.4AI score
Exploits0
0day.today
0day.today
added 2009/11/24 12:0 a.m.375 views

W3infotech ( Auth Bypass ) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ====================================================== W3infotech Auth Bypass SQL Injection Vulnerability ====================================================== +====================================================================|| About ...

7.1AI score
Exploits0
0day.today
0day.today
added 2024/02/17 12:0 a.m.374 views

SISQUALWFM 7.1.319.103 - Host Header Injection Vulnerability

Exploit Title: SISQUALWFM 7.1.319.103 Host Header Injection Discovered Date: 17/03/2023 Reported Date: 17/03/2023 Resolved Date: 13/10/2023 Exploit Author: Omer Shaik unknownexploit Vendor Homepage: https://www.sisqualwfm.com Version: 7.1.319.103 Tested on: SISQUAL WFM 7.1.319.103 Affected Versio...

6.1CVSS6.5AI score0.00507EPSS
Exploits5
0day.today
0day.today
added 2023/12/12 12:0 a.m.374 views

WordPress Bravo Translate 1.2 SQL Injection Vulnerability

Exploit Title: WP Plugins Bravo Translate = 1.2 - SQL Injection Exploit Author: Arvandy Software Link: https://wordpress.org/plugins/bravo-translate/ Version: 1.2 Tested on: Windows, Linux CVE: CVE-2023-49161 Product Description This plugin allow you to translate your monolingual website in a sup...

9.1CVSS9.4AI score0.00605EPSS
Exploits2
0day.today
0day.today
added 2023/06/08 12:0 a.m.374 views

Delta Electronics InfraSuite Device Master Deserialization Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Delta Electronics InfraSuite Device Master Deserialization', 'Description' = %q Delta Electronics InfraSuite Device Master versions below v1.0.5...

9.8CVSS9.2AI score0.5005EPSS
Exploits3
0day.today
0day.today
added 2023/06/08 12:0 a.m.374 views

RenderDoc 1.26 Local Privilege Escalation / Remote Code Execution Vulnerabilities

LPE and RCE in RenderDoc: CVE-2023-33865, CVE-2023-33864, CVE-2023-33863 ======================================================================== Contents ======================================================================== Summary CVE-2023-33865, a symlink vulnerability in /tmp/RenderDoc -...

9.8CVSS7.1AI score0.10789EPSS
Exploits7
0day.today
0day.today
added 2023/02/15 12:0 a.m.374 views

GitLab GitHub Repo Import Deserialization Remote Code Execution Exploit

An authenticated user can import a repository from GitHub into GitLab. If a user attempts to import a repo from an attacker-controlled server, the server will reply with a Redis serialization protocol object in the nested defaultbranch. GitLab will cache this object and then deserialize it when...

9.9CVSS9.6AI score0.86194EPSS
Exploits5
0day.today
0day.today
added 2023/02/15 12:0 a.m.374 views

Arris Router Firmware 9.1.103 Remote Code Execution Exploit

Arris Router Firmware version 9.1.103 authenticated remote code execution exploit that has been tested against the TG2482A, TG2492, and SBG10 models. Exploit Title: Arris Router Firmware 9.1.103 - Remote Code Execution RCE Authenticated Exploit Author: Yerodin Richards Vendor Homepage:...

8.8CVSS9.2AI score0.42326EPSS
Exploits6
Total number of security vulnerabilities5000