4399+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.
A vulnerability was detected in classroombookings up to 2.17.0. This impacts the function read of the file crbs-core/application/views/layout.php of the component User Display Name Handler. …
A path traversal vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to access higher-level directories that should …
Note Mark is an open-source note-taking application. In versions 0.19.1 and prior, the login endpoint performs bcrypt password verification only when the supplied username exists, …
libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.
The OneSignal – Web Push Notifications plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 3.8.0. This is due to …
The component accepts XML input through the publisher without disabling external entity resolution. This allows malicious actors to submit a crafted XML payload that exploits …
A security vulnerability has been detected in Uasoft badaso up to 2.9.7. Affected is the function forgetPassword of the file src/Controllers/BadasoAuthController.php of the component Token …
A security vulnerability has been detected in elinicksic Razgover up to db37dfc5c82f023a40f2f7834ded6633fb2b5262. This affects an unknown part of the file Chattify/send.php of the component Chat …
A vulnerability was detected in EyouCMS up to 1.7.7. The affected element is an unknown function of the file application/home/model/Ask.php of the component Ask Module. …
A weakness has been identified in youlaitech vue3-element-admin up to 3.4.0. This issue affects some unknown processing of the file src/views/system/notice/index.vue of the component Notice …
On Windows only, if libpcap needs to convert a Windows error message to UTF-8 and the message includes characters that UTF-8 represents using 4 bytes, …
pcap_ether_aton() is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed …
A weakness has been identified in Edimax BR-6208AC 1.02/1.03. Affected by this issue is the function formALGSetup of the file /goform/formALGSetup of the component Web-based …
A weakness has been identified in zhujunliang3 work_platform up to 6bc5a50bb527ce27f7906d11ea6ec139beb79c31. This vulnerability affects unknown code of the component Content Handler. Executing manipulation can lead …
A security flaw has been discovered in sunhailin12315 product-review 商品评价系统 up to 91ead6890b4065bb45b7602d0d73348e75cb4639. This affects an unknown part of the component Write a Review. Performing …
Missing Authorization vulnerability in Automattic Crowdsignal Forms crowdsignal-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Crowdsignal Forms: from n/a through <= 1.7.2.
A vulnerability was found in D-Link DCS-850L 1.02.09. Affected is the function uploadfirmware of the component Firmware Update Service. The manipulation of the argument DownloadFile …
A vulnerability has been found in PHPEMS up to 11.0. This impacts an unknown function of the component Purchase Request Handler. The manipulation leads to …
A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an unknown function of the component Coupon Handler. Performing a manipulation results …
A security vulnerability has been detected in CloudPanel Community Edition up to 2.5.1. The affected element is an unknown function of the file /admin/users of …
A flaw has been found in SohuTV CacheCloud up to 3.2.0. This vulnerability affects the function index of the file src/main/java/com/sohu/cache/web/controller/AppDataMigrateController.java. This manipulation causes cross …
A security vulnerability has been detected in SohuTV CacheCloud up to 3.2.0. Affected by this issue is the function doMachineList/doPodList of the file src/main/java/com/sohu/cache/web/controller/MachineManageController.java. The …
A vulnerability was found in Campcodes Park Ticketing System 1.0. The impacted element is the function save_pricing of the file admin_class.php. The manipulation of the …
Improper Input Validation vulnerability in qs (parse modules) allows HTTP DoS.This issue affects qs: < 6.14.1. Summary The arrayLimit option in qs did not enforce …
A vulnerability was determined in SohuTV CacheCloud up to 3.2.0. Affected is the function doQuartzList of the file src/main/java/com/sohu/cache/web/controller/QuartzManageController.java. Executing manipulation can lead to cross …
A vulnerability was found in SohuTV CacheCloud up to 3.2.0. This impacts the function index of the file src/main/java/com/sohu/cache/web/controller/ResourceController.java. Performing manipulation results in cross site …
A vulnerability has been found in SohuTV CacheCloud up to 3.2.0. This affects the function taskQueueList of the file src/main/java/com/sohu/cache/web/controller/TaskController.java. Such manipulation leads to cross …
A flaw has been found in SohuTV CacheCloud up to 3.2.0. The impacted element is the function redirectNoPower of the file src/main/java/com/sohu/cache/web/controller/WebResourceController.java. This manipulation causes …
A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. The affected element is the function getExceptionStatisticsByClient/getCommandStatisticsByClient/doIndex of the file src/main/java/com/sohu/cache/web/controller/AppClientDataShowController.java. The manipulation results in …
An issue was discovered in function d_unqualified_name in file cp-demangle.c in BinUtils 2.26 allowing attackers to cause a denial of service via crafted PE file.
A vulnerability was determined in Campcodes Complete Online Beauty Parlor Management System 1.0. This vulnerability affects unknown code of the file /admin/search-invoices.php. Executing a manipulation …
A vulnerability was found in GreenCMS up to 2.3. This affects an unknown part of the file /DataController.class.php of the component File Handler. Performing a …
A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. Affected by this issue is the function doAppList/appCommandAnalysis of the file src/main/java/com/sohu/cache/web/controller/AppController.java. Performing manipulation results …
A security vulnerability has been detected in SohuTV CacheCloud up to 3.2.0. Affected by this vulnerability is the function doAppAuditList of the file src/main/java/com/sohu/cache/web/controller/AppManageController.java. Such …
A weakness has been identified in SohuTV CacheCloud up to 3.2.0. Affected is the function advancedAnalysis of the file src/main/java/com/sohu/cache/web/controller/InstanceController.java. This manipulation causes cross site …
A security flaw has been discovered in SohuTV CacheCloud up to 3.2.0. This impacts the function preview of the file src/main/java/com/sohu/cache/web/controller/RedisConfigTemplateController.java. The manipulation results in …
A vulnerability was identified in SohuTV CacheCloud up to 3.2.0. This affects the function index of the file src/main/java/com/sohu/cache/web/controller/ServerController.java. The manipulation leads to cross site …
A weakness has been identified in PbootCMS up to 3.2.12. Impacted is an unknown function of the file /data/pbootcms.db of the component SQLite Database. Executing …
A vulnerability was determined in TaleLin Lin-CMS up to 0.6.0. This affects an unknown part of the file /tests/config.py of the component Tests Folder. This …
A vulnerability has been found in rawchen ecms up to b59d7feaa9094234e8aa6c8c6b290621ca575ded. Affected by this vulnerability is the function updateProductServlet of the file src/servlet/product/updateProductServlet.java of the …
A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. This impacts the function doUserList of the file src/main/java/com/sohu/cache/web/controller/UserManageController.java. Performing manipulation results in cross site …
A security vulnerability has been detected in SohuTV CacheCloud up to 3.2.0. This affects the function doTotalList of the file src/main/java/com/sohu/cache/web/controller/TotalManageController.java. Such manipulation leads to …
A vulnerability was determined in Halo up to 2.21.10. This issue affects some unknown processing of the file /actuator of the component Configuration Handler. Executing …
A security flaw has been discovered in yourmaileyes MOOC up to 1.17. This affects the function subreview of the file mooc/controller/MainController.java of the component Submission …
A weakness has been identified in JeecgBoot up to 3.9.0. Affected by this vulnerability is the function getPositionUserList of the file /sys/position/getPositionUserList. This manipulation of …
A security flaw has been discovered in JeecgBoot up to 3.9.0. Affected is the function queryDepartPermission of the file /sys/permission/queryDepartPermission. The manipulation of the argument …
A vulnerability was identified in JeecgBoot up to 3.9.0. This impacts the function getParameterMap of the file /sys/sysDepartPermission/list. The manipulation of the argument departId leads …
A vulnerability was determined in JeecgBoot up to 3.9.0. This affects an unknown function of the file /sys/sysDepartPermission/datarule/. Executing manipulation can lead to improper authorization. …
A vulnerability was found in JeecgBoot up to 3.9.0. The impacted element is the function loadDatarule of the file /sys/sysDepartRole/datarule/. Performing manipulation of the argument …
A vulnerability has been found in JeecgBoot up to 3.9.0. The affected element is the function getDeptRoleByUserId of the file /sys/sysDepartRole/getDeptRoleByUserId. Such manipulation of the …
Free website and port scanning — find vulnerabilities before attackers do.