Name |
Template |
Ivanti EPMM - Authentication Bypass |
cve/CVE-2023-35078.yaml |
Metabase - Pre-authentication Remote Code Execution |
cve/CVE-2023-38646.yaml |
CasaOS - Authentication Bypass |
cve/CVE-2023-37265.yaml, cve/CVE-2023-37266.yaml |
Cloudpanel 2 - Remote Code Execution |
cve/CVE-2023-35885.yaml |
XWiki Platform - Remote Code Execution |
cve/CVE-2023-37462.yaml |
Adobe ColdFusion - Pre-Auth Remote Code Execution |
cve/CVE-2023-29300.yaml |
Adobe ColdFusion - Access Control Bypass |
cve/CVE-2023-29298.yaml |
MOVEit - SQL Injection |
cve/CVE-2023-36934.yaml |
Apache Log4j Server - Deserialization Command Execution |
network/CVE-2017-5645.yaml |
ClockWatch Enterprise - Remote Code Execution |
network/clockwatch-enterprise-rce.yaml |
Dropbear sshd CBC Mode Ciphers Detection |
network/dropbear-cbc-ciphers.yaml |
AddPac GSM VoIP Gateway Panel - Detect |
network/detect-addpac-voip-gateway.yaml |
SMB Detection |
network/smb-detect.yaml |
SAPRouter - Routing information leak |
network/sap-router-info-leak.yaml |
MSMQ (Microsoft Message Queuing Service) Remote - Detect |
network/msmq-detect.yaml |
Memcached stats disclosure |
network/memcached-stats.yaml |
EXPN Mail Server Detect |
network/expn-mail-detect.yaml |
FTP Anonymous Login |
network/ftp-anonymous-login.yaml |
RabbitMQ Detection |
network/rabbitmq-detect.yaml |
CQL Native Transport Detect |
network/cql-native-transport.yaml |
POP3 Protocol - Detect |
network/pop3-detect.yaml |
Exposed Android Debug Bridge |
network/exposed-adb.yaml |
Windows Remote Desktop Protocol - Detect |
network/rdp-detect.yaml |
MongoDB Service - Detect |
network/mongodb-detect.yaml |
Redis Server - Unauthenticated Access |
network/exposed-redis.yaml |
Microsoft FTP Service Detect |
network/microsoft-ftp-service.yaml |
PostgreSQL - User Enumeration |
network/psql-user-enum.yaml |
Dropbear sshd Weak Key Exchange Algorithms Enabled |
network/dropbear-weakalgo.yaml |
Ganglia XML Grid Monitor |
network/ganglia-xml-grid-monitor.yaml |
Kafka Topics Enumeration |
network/kafka-topics-list.yaml |
Xlight FTP Service Detect |
network/xlight-ftp-service-detect.yaml |
VSFTPD 2.3.4 - Backdoor Command Execution |
network/vsftpd-backdoor.yaml |
Unauthorized Printer Access |
network/printers-info-leak.yaml |
Microsoft .NET Remoting httpd - Detect |
network/dotnet-remoting-service-detect.yaml |
Docker Daemon Exposed |
network/exposed-dockerd.yaml |
Apache Rocketmq Broker - Unauthenticated Access |
network/apache-rocketmq-broker-unauth.yaml |
Jabber XMPP Protocol - Detect |
network/detect-jabber-xmpp.yaml |
STARTTLS Mail Server Detection |
network/starttls-mail-detect.yaml |
VNC Service Detection |
network/vnc-service-detect.yaml |
VMware Authentication Daemon Detection |
network/vmware-authentication-daemon-detect.yaml |
MikroTik RouterOS API - Detect |
network/mikrotik-routeros-api.yaml |
TiDB - Unauthenticated Access |
network/tidb-unauth.yaml |
Dropbear sshd Detection |
network/sshd-dropbear-detect.yaml |
Telnet Detection |
network/telnet-detect.yaml |
TeamSpeak 3 ServerQuery Detection |
network/teamspeak3-detect.yaml |
GNU Inetutils FTPd Detect |
network/gnu-inetutils-ftpd-detect.yaml |
Apache Airflow <=1.10.10 - Command Injection |
network/CVE-2020-11981.yaml |
Gopher Service - Detect |
network/gopher-detect.yaml |
ZTE Router Panel - Detect |
network/backdoored-zte.yaml |
Weblogic T3 Protocol Detection |
network/weblogic-t3-detect.yaml |
ProFTPD Server Detect |
network/proftpd-server-detect.yaml |
IMAP - Detect |
network/imap-detect.yaml |
ClamAV Server Detect |
network/clamav-detect.yaml |
Apache ZooKeeper - Unauthenticated Access |
network/exposed-zookeeper.yaml |
Rsyncd Service - Detect |
network/rsyncd-service-detect.yaml |
MySQL - Detect |
network/mysql-detect.yaml |
MongoDB Information - Detect |
network/mongodb-info-enum.yaml |
iPlanet Messaging Server IMAP Protocol - Detection |
network/iplanet-imap-detect.yaml |
ESMTP - Detect |
network/esmtp-detect.yaml |
Java Remote Method Invocation Protocol - Detect |
network/java-rmi-detect.yaml |
ActiveMQ OpenWire Transport Detection |
network/activemq-openwire-transport-detect.yaml |
Totemomail SMTP Server Detection |
network/totemomail-smtp-detect.yaml |
IBM DB2 Database Server - Detect |
network/ibm-d2b-database-server.yaml |
RTSP - Detect |
network/rtsp-detect.yaml |
MikroTik FTP server Detect |
network/mikrotik-ftp-server-detect.yaml |
OpenSSH Service - Detect |
network/openssh-detect.yaml |
Apache Dubbo - Unauthenticated Access |
network/apache-dubbo-unauth.yaml |
ClamAV Server - Unauthenticated Access |
network/clamav-unauth.yaml |
TiDB - Password Vulnerability |
network/tidb-native-password.yaml |
SMTP User Enumeration |
network/smtp-user-enum.yaml |
PostgreSQL Authentication - Detect |
network/pgsql-detect.yaml |
Niagara Fox Protocol Information Enumeration |
network/niagara-fox-info-enum.yaml |
Beanstalk Service - Detect |
network/beanstalk-service.yaml |
SMTP Commands Enumeration |
network/smtp-commands-enum.yaml |
LDAP Server NULL Bind Connection Information Disclosure |
network/ldap-anonymous-login.yaml |
SMTP Service Detection |
network/smtp-detect.yaml |
Riak Detection |
network/riak-detect.yaml |
PostgreSQL - Unauthenticated Access |
network/unauth-psql.yaml |
Weblogic IIOP Protocol Detection |
network/weblogic-iiop-detect.yaml |
Dropbear Weak MAC Algorithms Enabled |
network/dropbear-weakmac.yaml |
Finger Daemon Detection |
network/finger-detect.yaml |
Cisco Smart Install Endpoints Exposure |
network/cisco-smi-exposure.yaml |
Samba Service Detection |
network/samba-detect.yaml |
Redis Service - Detect |
network/redis-detect.yaml |
Axigen Mail Server Detection |
network/axigen-mail-server-detect.yaml |
MySQL - Password Vulnerability |
network/mysql-native-password.yaml |
FTP Service - Credential Weakness |
network/ftp-weak-credentials.yaml |
ClickHouse - Unauthorized Access |
network/clickhouse-unauth.yaml |
MongoDB - Unauthenticated Access |
network/mongodb-unauth.yaml |
Rpcbind Portmapper - Detect |
network/rpcbind-portmapper-detect.yaml |
SAPRouter Detection |
network/sap-router.yaml |
Apache ActiveMQ Detection |
network/apache-activemq-detect.yaml |
Cisco Finger Daemon Detection |
network/cisco-finger-detect.yaml |
Ruijie RG-UAC Unified Internet Behavior Management Audit System - Information |
cnvd/CNVD-2021-14536.yaml |
ShopXO Download File Read (CNVD-2021-15822) |
cnvd/CNVD-2021-15822.yaml |
Metinfo - Local File Inclusion (CNVD-2018-13393) |
cnvd/CNVD-2018-13393.yaml |
Fanwei eMobile - OGNL Injection (CNVD-2017-03561) |
cnvd/CNVD-2017-03561.yaml |
H5S CONSOLE - Unauthorized Access (CNVD-2020-67113) |
cnvd/CNVD-2020-67113.yaml |
ThinkPHP Multi Languag - File Inc & Remote Code Execution (RCE) (CNVD-2022-86535) |
cnvd/CNVD-2022-86535.yaml |
EEA - Information Disclosure (CNVD-2021-10543) |
cnvd/CNVD-2021-10543.yaml |
Showdoc <2.8.6 - File Uploads (CNVD-2020-26585) |
cnvd/CNVD-2020-26585.yaml |
CatfishCMS RCE (CNVD-2019-06255) |
cnvd/CNVD-2019-06255.yaml |
jshERP - Information Disclosure (CNVD-2020-63964) |
cnvd/CNVD-2020-63964.yaml |
Xxunchi CMS - Local File Inclusion (CNVD-2020-23735) |
cnvd/CNVD-2020-23735.yaml |
WeiPHP 5.0 - Path Traversal (CNVD-2020-68596) |
cnvd/CNVD-2020-68596.yaml |
EmpireCMS DOM Cross Site-Scripting (CNVD-2021-15824) |
cnvd/CNVD-2021-15824.yaml |
Ruijie Smartweb Management System Password Information Disclosure (CNVD-2021-17369) |
cnvd/CNVD-2021-17369.yaml |
E-Cology V9 - SQL Injection (CNVD-2023-12632) |
cnvd/CNVD-2023-12632.yaml |
Fanwei e-cology <=9.0 - Remote Code Execution (CNVD-2019-32204) |
cnvd/CNVD-2019-32204.yaml |
eYouMail - Remote Code Execution (CNVD-2021-26422) |
cnvd/CNVD-2021-26422.yaml |
Ruijie Smartweb - Default Password (CNVD-2020-56167) |
cnvd/CNVD-2020-56167.yaml |
UFIDA NC BeanShell Remote Command Execution (CNVD-2021-30167) |
cnvd/CNVD-2021-30167.yaml |
ZenTao CMS - SQL Injection (CNVD-2022-42853) |
cnvd/CNVD-2022-42853.yaml |
Sunflower Simple and Personal - Remote Code Execution (CNVD-2022-03672) |
cnvd/CNVD-2022-03672.yaml |
Pan Micro E-office File Uploads (CNVD-2021-49104) |
cnvd/CNVD-2021-49104.yaml |
Ruoyi Management System - Local File Inclusion (CNVD-2021-01931) |
cnvd/CNVD-2021-01931.yaml |
Zhiyuan A8 - Remote Code Execution (CNVD-2019-19299) |
cnvd/CNVD-2019-19299.yaml |
Landray-OA - Local File Inclusion (CNVD-2021-28277) |
cnvd/CNVD-2021-28277.yaml |
Sangfor EDR - Remote Code Execution (CNVD-2020-46552) |
cnvd/CNVD-2020-46552.yaml |
Seeyon - Local File Inclusion (CNVD-2020-62422) |
cnvd/CNVD-2020-62422.yaml |
Ruijie Networks-EWEB Network Management System - Remote Code Execution (CNVD-2021-09650) |
cnvd/CNVD-2021-09650.yaml |
Xiuno BBS CNVD-2019-01348 (CNVD-2019-01348) |
cnvd/CNVD-2019-01348.yaml |
WAF Fuzzing |
waf/waf-fuzz.yaml |
WAF Detection |
waf/waf-detect.yaml |
Apache Tomcat Remote Command Execution (CVE-2020-9484) |
cve/CVE-2020-9484.yaml |
DataTaker DT80 dEX 1.50.012 - Information Disclosure (CVE-2017-11165) |
cve/CVE-2017-11165.yaml |
ZyXel USG - Hardcoded Credentials (CVE-2020-29583) |
cve/CVE-2020-29583.yaml |
Gitblit 1.9.3 - Local File Inclusion (CVE-2022-31268) |
cve/CVE-2022-31268.yaml |
Zimbra Collaboration Suite 8.8.15/9.0 - Remote Code Execution (CVE-2022-37042) |
cve/CVE-2022-37042.yaml |
WordPress Workreap - Remote Code Execution (CVE-2021-24499) |
cve/CVE-2021-24499.yaml |
DOMOS 5.5 - Local File Inclusion (CVE-2019-18665) |
cve/CVE-2019-18665.yaml |
Jolokia Agent - JNDI Code Injection (CVE-2018-1000130) |
cve/CVE-2018-1000130.yaml |
Hongdian H8922 3.0.5 Devices - Local File Inclusion (CVE-2021-28149) |
cve/CVE-2021-28149.yaml |
Redwood Report2Web 4.3.4.5 & 4.5.3 - Cross-Site Scripting (CVE-2021-26710) |
cve/CVE-2021-26710.yaml |
WordPress Paid Memberships Pro <2.6.7 - Blind SQL Injection (CVE-2021-25114) |
cve/CVE-2021-25114.yaml |
Pypiserver <1.2.5 - Carriage Return Line Feed Injection (CVE-2019-6802) |
cve/CVE-2019-6802.yaml |
QCube Cross-Site-Scripting (CVE-2020-24912) |
cve/CVE-2020-24912.yaml |
VMware Aria Operations for Logs - Unauthenticated Remote Code Execution (CVE-2023-20864) |
cve/CVE-2023-20864.yaml |
SaltStack <=3002 - Shell Injection (CVE-2020-16846) |
cve/CVE-2020-16846.yaml |
Cisco IOS 12.2(55)SE11 - Remote Code Execution (CVE-2017-3881) |
cve/CVE-2017-3881.yaml |
Apache Spark UI - Remote Command Injection (CVE-2022-33891) |
cve/CVE-2022-33891.yaml |
ManageEngine - Remote Command Execution (CVE-2022-47966) |
cve/CVE-2022-47966.yaml |
Hospital Management System 1.0 - SQL Injection (CVE-2022-32094) |
cve/CVE-2022-32094.yaml |
Yoast SEO 16.7-17.2 - Information Disclosure (CVE-2021-25118) |
cve/CVE-2021-25118.yaml |
Jira - Incorrect Authorization (CVE-2019-3403) |
cve/CVE-2019-3403.yaml |
VMware Aria Operations for Networks - Code Injection Information Disclosure |
cve/CVE-2023-20889.yaml |
WordPress heat-trackr 1.0 - Cross-Site Scripting (CVE-2016-1000136) |
cve/CVE-2016-1000136.yaml |
ECOA Building Automation System - Directory Traversal Content Disclosure (CVE-2021-41291) |
cve/CVE-2021-41291.yaml |
Image Optimizer by 10web < 1.0.26 - Cross-Site Scripting (CVE-2023-2122) |
cve/CVE-2023-2122.yaml |
GeoServer OGC Filter - SQL Injection (CVE-2023-25157) |
cve/CVE-2023-25157.yaml |
Online Event Booking and Reservation System 2.3.0 - SQL Injection (CVE-2021-42667) |
cve/CVE-2021-42667.yaml |
Apache Unomi <1.5.2 - Remote Code Execution (CVE-2020-13942) |
cve/CVE-2020-13942.yaml |
WordPress Japanized for WooCommerce <2.5.8 - Cross-Site Scripting (CVE-2023-0948) |
cve/CVE-2023-0948.yaml |
ZEROF Web Server 1.0 - SQL Injection (CVE-2021-30175) |
cve/CVE-2021-30175.yaml |
Emby Server Server-Side Request Forgery (CVE-2020-26948) |
cve/CVE-2020-26948.yaml |
Atom CMS v2.0 - SQL Injection (CVE-2022-24223) |
cve/CVE-2022-24223.yaml |
Oracle Fusion - Directory Traversal/Local File Inclusion (CVE-2020-14864) |
cve/CVE-2020-14864.yaml |
i-Panel Administration System 2.0 - Cross-Site Scripting (CVE-2021-41878) |
cve/CVE-2021-41878.yaml |
SolarWinds Orion API - Auth Bypass (CVE-2020-10148) |
cve/CVE-2020-10148.yaml |
Free5gc 3.2.1 - Information Disclosure (CVE-2022-38870) |
cve/CVE-2022-38870.yaml |
Microweber < 1.2.12 - Stored Cross-Site Scripting (CVE-2022-0928) |
cve/CVE-2022-0928.yaml |
SuperWebmailer 7.21.0.01526 - Remote Code Execution (CVE-2020-11546) |
cve/CVE-2020-11546.yaml |
Joomla! Component JA Comment - Local File Inclusion (CVE-2010-1601) |
cve/CVE-2010-1601.yaml |
Trendnet AC2600 TEW-827DRU - Credentials Disclosure (CVE-2021-20150) |
cve/CVE-2021-20150.yaml |
WSO2 API Manager <=3.1.0 - Blind XML External Entity Injection (CVE-2020-24589) |
cve/CVE-2020-24589.yaml |
Microsoft SharePoint - Remote Code Execution (CVE-2020-16952) |
cve/CVE-2020-16952.yaml |
OpenCATS 0.9.7 - Cross-Site Scripting (CVE-2022-48012) |
cve/CVE-2022-48012.yaml |
Backdrop CMS version 1.23.0 - Cross Site Scripting (Stored) (CVE-2022-42096) |
cve/CVE-2022-42096.yaml |
Cisco HyperFlex HX Data Platform - Remote Command Execution (CVE-2021-1497) |
cve/CVE-2021-1497.yaml |
Simple Employee Records System 1.0 - Unrestricted File Upload (CVE-2019-20183) |
cve/CVE-2019-20183.yaml |
KindEditor 4.1.11 - Cross-Site Scripting (CVE-2019-7543) |
cve/CVE-2019-7543.yaml |
Oracle iPlanet Web Server 7.0.x - Authentication Bypass (CVE-2020-9315) |
cve/CVE-2020-9315.yaml |
Helmet Store Showroom - Cross Site Scripting (CVE-2022-46073) |
cve/CVE-2022-46073.yaml |
MOVEit Transfer - Remote Code Execution (CVE-2023-34362) |
cve/CVE-2023-34362.yaml |
Draytek VigorConnect 1.6.0-B - Local File Inclusion (CVE-2021-20123) |
cve/CVE-2021-20123.yaml |
Spring Cloud Netflix - Server-Side Request Forgery (CVE-2020-5412) |
cve/CVE-2020-5412.yaml |
F5 BIG-IP TMUI - Remote Code Execution (CVE-2020-5902) |
cve/CVE-2020-5902.yaml |
WordPress Tidio Gallery <=1.1 - Cross-Site Scripting (CVE-2016-1000153) |
cve/CVE-2016-1000153.yaml |
MCMS 5.2.5 - SQL Injection (CVE-2022-23898) |
cve/CVE-2022-23898.yaml |
Sympa version =>6.2.16 - Cross-Site Scripting (CVE-2018-1000671) |
cve/CVE-2018-1000671.yaml |
WordPress Plugin All-in-One Event Calendar 1.4 - Cross-Site Scripting (CVE-2012-1835) |
cve/CVE-2012-1835.yaml |
Navis DocumentCloud <0.1.1 - Cross-Site Scripting (CVE-2015-2807) |
cve/CVE-2015-2807.yaml |
Citrix XenMobile Server - Remote Code Execution (Apache Log4j) (CVE-2021-44228) |
cve/xenmobile-server-log4j.yaml |
FlightPath - Local File Inclusion (CVE-2019-13396) |
cve/CVE-2019-13396.yaml |
DomainMOD <=4.11.01 - Cross-Site Scripting (CVE-2018-19915) |
cve/CVE-2018-19915.yaml |
Magento Server Mass Importer - Cross-Site Scripting (CVE-2015-2068) |
cve/CVE-2015-2068.yaml |
SolarWinds Database Performance Analyzer 11.1.457 - Cross-Site Scripting (CVE-2018-19386) |
cve/CVE-2018-19386.yaml |
MeterSphere < 2.5.0 SSRF (CVE-2022-23544) |
cve/CVE-2022-23544.yaml |
WordPress Super Socializer <7.13.30 - Cross-Site Scripting (CVE-2021-24987) |
cve/CVE-2021-24987.yaml |
HPE Smart Update Manager < 8.5.6 - Remote Unauthorized Access (CVE-2020-7136) |
cve/CVE-2020-7136.yaml |
Adobe AEM Dispatcher <4.15 - Rules Bypass (CVE-2016-0957) |
cve/CVE-2016-0957.yaml |
WordPress Plugin File Manager (wp-file-manager) Backup Disclosure (CVE-2020-24312) |
cve/CVE-2020-24312.yaml |
Atom CMS v2.0 - SQL Injection (CVE-2022-25488) |
cve/CVE-2022-25488.yaml |
Juniper Web Device Manager - Cross-Site Scripting (CVE-2022-22242) |
cve/CVE-2022-22242.yaml |
Netsweeper 4.0.5 - Default Weak Account (CVE-2014-9614) |
cve/CVE-2014-9614.yaml |
Reprise License Manager 14.2 - Cross-Site Scripting (CVE-2021-45422) |
cve/CVE-2021-45422.yaml |
WordPress Symposium <=15.8.1 - Cross-Site Scripting (CVE-2015-9414) |
cve/CVE-2015-9414.yaml |
Rocket.Chat <3.9.1 - Information Disclosure (CVE-2020-28208) |
cve/CVE-2020-28208.yaml |
Apache Tomcat JK Connect <=1.2.44 - Manager Access (CVE-2018-11759) |
cve/CVE-2018-11759.yaml |
Joomla! Component Music Manager - Local File Inclusion (CVE-2010-2857) |
cve/CVE-2010-2857.yaml |
SonarQube - Authentication Bypass (CVE-2020-27986) |
cve/CVE-2020-27986.yaml |
WordPress Yuzo <5.12.94 - Cross-Site Scripting (CVE-2019-11869) |
cve/CVE-2019-11869.yaml |
Primetek Primefaces 5.x - Remote Code Execution (CVE-2017-1000486) |
cve/CVE-2017-1000486.yaml |
Apache APISIX Dashboard <2.10.1 - API Unauthorized Access (CVE-2021-45232) |
cve/CVE-2021-45232.yaml |
WordPress Statistics <13.0.8 - Blind SQL Injection (CVE-2021-24340) |
cve/CVE-2021-24340.yaml |
SPIP - Remote Command Execution (CVE-2023-27372) |
cve/CVE-2023-27372.yaml |
Contentful <=2020-05-21 - Cross-Site Scripting (CVE-2020-13258) |
cve/CVE-2020-13258.yaml |
WordPress Visitor Statistics (Real Time Traffic) <4.8 -SQL Injection (CVE-2021-24750) |
cve/CVE-2021-24750.yaml |
WordPress Post Status Notifier Lite <1.10.1 - Cross-Site Scripting (CVE-2022-4325) |
cve/CVE-2022-4325.yaml |
kkFileView 4.0.0 - Cross-Site Scripting (CVE-2022-29349) |
cve/CVE-2022-29349.yaml |
Klog Server <=2.41 - Unauthenticated Command Injection (CVE-2020-35729) |
cve/CVE-2020-35729.yaml |
WordPress Pie-Register <2.0.19 - Cross-Site Scripting (CVE-2015-7377) |
cve/CVE-2015-7377.yaml |
Alt-n/MDaemon Security Gateway <=8.5.0 - XML Injection (CVE-2022-25356) |
cve/CVE-2022-25356.yaml |
Doctor Appointment System 1.0 - SQL Injection (CVE-2021-27319) |
cve/CVE-2021-27319.yaml |
Atom CMS v2.0 - Cross-Site Scripting (CVE-2022-25489) |
cve/CVE-2022-25489.yaml |
Apache Struts <=2.5.20 - Remote Code Execution (CVE-2019-0230) |
cve/CVE-2019-0230.yaml |
Trend Micro Threat Discovery Appliance 2.6.1062r1 - Authentication Bypass |
cve/CVE-2016-7552.yaml |
Node.JS System Information Library <5.3.1 - Remote Command Injection (CVE-2021-21315) |
cve/CVE-2021-21315.yaml |
WordPress Transposh <=1.0.8.1 - Information Disclosure (CVE-2022-2462) |
cve/CVE-2022-2462.yaml |
Hoteldruid 3.0.5 - Cross-Site Scripting (CVE-2023-34537) |
cve/CVE-2023-34537.yaml |
Apache Axis2 Default Login (CVE-2010-0219) |
cve/CVE-2010-0219.yaml |
Advantech R-SeeNet 2.4.12 - Cross-Site Scripting (CVE-2021-21799) |
cve/CVE-2021-21799.yaml |
WordPress Newspaper <12 - Cross-Site Scripting (CVE-2022-2627) |
cve/CVE-2022-2627.yaml |
Imgproxy < 3.14.0 - Cross-site Scripting (XSS) (CVE-2023-1496) |
cve/CVE-2023-1496.yaml |
POS Codekop v2.0 - Cross-site Scripting (CVE-2023-30256) |
cve/CVE-2023-36346.yaml |
MinIO Operator Console Authentication Bypass (CVE-2021-41266) |
cve/CVE-2021-41266.yaml |
WP-FaceThumb 0.1 - Cross-Site Scripting (CVE-2012-2371) |
cve/CVE-2012-2371.yaml |
McAfee ePolicy Orchestrator <5.10.9 Update 9 - Cross-Site Scripting (CVE-2020-7318) |
cve/CVE-2020-7318.yaml |
Adobe ColdFusion 8.0/8.0.1/9.0/9.0.1 LFI (CVE-2010-2861) |
cve/CVE-2010-2861.yaml |
Apache Struts2 S2-053 - Remote Code Execution (CVE-2017-9791) |
cve/CVE-2017-9791.yaml |
Oracle WebLogic Server Local File Inclusion (CVE-2022-21371) |
cve/CVE-2022-21371.yaml |
cgit < 1.2.1 - Directory Traversal (CVE-2018-14912) |
cve/CVE-2018-14912.yaml |
WordPress Plugin MapPress <2.73.4 - Cross-Site Scripting (CVE-2022-0208) |
cve/CVE-2022-0208.yaml |
WordPress Shortcodes and Extra Features for Phlox <2.9.8 - Cross-Site Scripting |
cve/CVE-2022-1910.yaml |
October CMS - Remote Code Execution (CVE-2022-21705) |
cve/CVE-2022-21705.yaml |
Rstudio Shiny Server <1.5.16 - Local File Inclusion (CVE-2021-3374) |
cve/CVE-2021-3374.yaml |
Novius OS 5.0.1-elche - Open Redirect (CVE-2015-5354) |
cve/CVE-2015-5354.yaml |
Jira Subversion ALM for Enterprise <8.8.2 - Cross-Site Scripting (CVE-2020-9344) |
cve/CVE-2020-9344.yaml |
Ntopng Authentication Bypass (CVE-2021-28073) |
cve/CVE-2021-28073.yaml |
FUDForum 3.1.0 - Cross-Site Scripting (CVE-2021-27520) |
cve/CVE-2021-27520.yaml |
FHEM 6.0 - Local File Inclusion (CVE-2020-19360) |
cve/CVE-2020-19360.yaml |
Django - Open Redirect (CVE-2018-14574) |
cve/CVE-2018-14574.yaml |
Oracle Fusion Middleware WebCenter Sites - Cross-Site Scripting (CVE-2018-2791) |
cve/CVE-2018-2791.yaml |
OPNsense <=20.1.5 - Open Redirect (CVE-2020-23015) |
cve/CVE-2020-23015.yaml |
WordPress Embed Swagger <=1.0.0 - Cross-Site Scripting (CVE-2022-0381) |
cve/CVE-2022-0381.yaml |
Doctor Appointment System 1.0 - SQL Injection (CVE-2021-27314) |
cve/CVE-2021-27314.yaml |
Layer5 Meshery 0.5.2 - SQL Injection (CVE-2021-31856) |
cve/CVE-2021-31856.yaml |
TOTOLINK Realtek SD Routers - Remote Command Injection (CVE-2019-19824) |
cve/CVE-2019-19824.yaml |
WordPress Awin Data Feed <=1.6 - Cross-Site Scripting (CVE-2022-1937) |
cve/CVE-2022-1937.yaml |
BillQuick Web Suite SQL Injection (CVE-2021-42258) |
cve/CVE-2021-42258.yaml |
F5 BIG-IP iControl - REST Auth Bypass RCE (CVE-2022-1388) |
cve/CVE-2022-1388.yaml |
WordPress PHPMailer < 5.2.18 - Remote Code Execution (CVE-2016-10033) |
cve/CVE-2016-10033.yaml |
Netsweeper 4.0.4 - Cross-Site Scripting (CVE-2014-9615) |
cve/CVE-2014-9615.yaml |
Xinuo Openserver 5/6 - Cross-Site scripting (CVE-2020-25495) |
cve/CVE-2020-25495.yaml |
WordPress Domain Check <1.0.17 - Cross-Site Scripting (CVE-2021-24926) |
cve/CVE-2021-24926.yaml |
D-Link Central WifiManager - Server-Side Request Forgery (CVE-2018-15517) |
cve/CVE-2018-15517.yaml |
Atlassian Confluence <5.8.17 - Information Disclosure (CVE-2015-8399) |
cve/CVE-2015-8399.yaml |
Reolink E1 Zoom Camera <=3.0.0.716 - Information Disclosure (CVE-2021-40150) |
cve/CVE-2021-40150.yaml |
Xibo 1.2.2/1.4.1 - Directory Traversal (CVE-2013-5979) |
cve/CVE-2013-5979.yaml |
elFinder <=2.1.60 - Local File Inclusion (CVE-2022-26960) |
cve/CVE-2022-26960.yaml |
Doctor Appointment System 1.0 - SQL Injection (CVE-2021-27320) |
cve/CVE-2021-27320.yaml |
AWStats 6.95/7.0 - 'awredir.pl' Cross-Site Scripting (CVE-2012-4547) |
cve/CVE-2012-4547.yaml |
Pallets Werkzeug <0.15.5 - Local File Inclusion (CVE-2019-14322) |
cve/CVE-2019-14322.yaml |
Gitlab CE/EE 10.5 - Server-Side Request Forgery (CVE-2021-22214CVE-2021-39935CVE-2021-22175) |
cve/CVE-2021-22214.yaml |
Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution (CVE-2013-2251) |
cve/CVE-2013-2251.yaml |
WordPress Visualizer <3.3.1 - Cross-Site Scripting (CVE-2019-16931) |
cve/CVE-2019-16931.yaml |
WordPress Hero Maps Pro 2.1.0 - Cross-Site Scripting (CVE-2016-1000137) |
cve/CVE-2016-1000137.yaml |
Visualizer <3.3.1 - Blind Server-Side Request Forgery (CVE-2019-16932) |
cve/CVE-2019-16932.yaml |
Jenkins <=2.196 - Cookie Exposure (CVE-2019-10405) |
cve/CVE-2019-10405.yaml |
Apache Struts 2 - Remote Command Execution (CVE-2017-5638) |
cve/CVE-2017-5638.yaml |
SysAid 20.4.74 - Cross-Site Scripting (CVE-2021-31862) |
cve/CVE-2021-31862.yaml |
Barco/AWIND OEM Presentation Platform - Remote Command Injection (CVE-2019-3929) |
cve/CVE-2019-3929.yaml |
Simple URLs < 115 - Cross Site Scripting (CVE-2023-0099) |
cve/CVE-2023-0099.yaml |
Cuppa CMS v1.0 - SQL injection (CVE-2022-27984) |
cve/CVE-2022-27984.yaml |
Kentico CMS Insecure Deserialization Remote Code Execution (CVE-2019-10068) |
cve/CVE-2019-10068.yaml |
WordPress Simple Membership <4.1.1 - Cross-Site Scripting (CVE-2022-1724) |
cve/CVE-2022-1724.yaml |
WP Custom Pages 0.5.0.1 - Local File Inclusion (LFI) (CVE-2011-1669) |
cve/CVE-2011-1669.yaml |
Reprise License Manager 14.2 - Authentication Bypass (CVE-2021-44152) |
cve/CVE-2021-44152.yaml |
Citrix SD-WAN Center - Remote Command Injection (CVE-2019-12986) |
cve/CVE-2019-12986.yaml |
NETGEAR Routers - Remote Code Execution (CVE-2016-6277) |
cve/CVE-2016-6277.yaml |
Apache Code42 - Remote Code Execution (Apache Log4j) (CVE-2021-44228) |
cve/code42-log4j-rce.yaml |
Cisco HyperFlex HX Data Platform - Arbitrary File Upload (CVE-2021-1499) |
cve/CVE-2021-1499.yaml |
WordPress SE HTML5 Album Audio Player 1.1.0 - Directory Traversal (CVE-2015-4414) |
cve/CVE-2015-4414.yaml |
WordPress Paid Memberships Pro <2.9.8 - Blind SQL Injection (CVE-2023-23488) |
cve/CVE-2023-23488.yaml |
Login with Phone Number - Cross-Site Scripting (CVE-2023-23492) |
cve/CVE-2023-23492.yaml |
SonicWall SRA 4600 VPN - SQL Injection (CVE-2019-7481) |
cve/CVE-2019-7481.yaml |
WordPress User Post Gallery <=2.19 - Remote Code Execution (CVE-2022-4060) |
cve/CVE-2022-4060.yaml |
DomainMOD 4.11.01 - Cross-Site Scripting (CVE-2018-1000856) |
cve/CVE-2018-1000856.yaml |
Online Fire Reporting System v1.0 - SQL injection (CVE-2022-31976) |
cve/CVE-2022-31976.yaml |
Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Delete (CVE-2021-46424) |
cve/CVE-2021-46424.yaml |
Nordex NC2 - Cross-Site Scripting (CVE-2015-6477) |
cve/CVE-2015-6477.yaml |
ListSERV Maestro <= 9.0-8 RCE (CVE-2010-1870) |
cve/CVE-2010-1870.yaml |
WordPress Spider Calendar <=1.4.9 - SQL Injection (CVE-2015-2196) |
cve/CVE-2015-2196.yaml |
Grafana 8.0.0 <= v.8.2.2 - Angularjs Rendering Cross-Site Scripting (CVE-2021-41174) |
cve/CVE-2021-41174.yaml |
Studio-42 elFinder <2.1.60 - Arbitrary File Upload (CVE-2021-43421) |
cve/CVE-2021-43421.yaml |
GLPI 9.2/<9.5.6 - Information Disclosure (CVE-2021-39211) |
cve/CVE-2021-39211.yaml |
Artica Pandora FMS <=7.42 - Arbitrary File Read (CVE-2020-8497) |
cve/CVE-2020-8497.yaml |
WordPress Plugin WP Content Source Control - Directory Traversal (CVE-2014-5368) |
cve/CVE-2014-5368.yaml |
Liferay Portal Unauthenticated < 7.2.1 CE GA2 - Remote Code Execution (CVE-2020-7961) |
cve/CVE-2020-7961.yaml |
Pandora FMS 7.0NG - Remote Command Injection (CVE-2019-20224) |
cve/CVE-2019-20224.yaml |
CommScope Ruckus IoT Controller - Information Disclosure (CVE-2021-33221) |
cve/CVE-2021-33221.yaml |
Apache Solr <= 7.1 - XML Entity Injection (CVE-2017-12629) |
cve/CVE-2017-12629.yaml |
Cuppa CMS v1.0 - Arbitrary File Upload (CVE-2022-38296) |
cve/CVE-2022-38296.yaml |
Online Fire Reporting System v1.0 - SQL injection (CVE-2022-31978) |
cve/CVE-2022-31978.yaml |
Tieline IP Audio Gateway <=2.6.4.8 - Unauthorized Remote Admin Panel Access |
cve/CVE-2021-35336.yaml |
Garage Management System 1.0 - SQL Injection (CVE-2022-2467) |
cve/CVE-2022-2467.yaml |
Nodejs Squirrelly - Remote Code Execution (CVE-2021-32819) |
cve/CVE-2021-32819.yaml |
FortiLogger 4.4.2.2 - Arbitrary File Upload (CVE-2021-3378) |
cve/CVE-2021-3378.yaml |
WordPress JNews Theme <8.0.6 - Cross-Site Scripting (CVE-2021-24342) |
cve/CVE-2021-24342.yaml |
Jenkin Audit Trail <=3.2 - Cross-Site Scripting (CVE-2020-2140) |
cve/CVE-2020-2140.yaml |
WordPress WPQA <5.5 - Improper Access Control (CVE-2022-1598) |
cve/CVE-2022-1598.yaml |
QSAN Storage Manager <3.3.3 - Cross-Site Scripting (CVE-2021-37216) |
cve/CVE-2021-37216.yaml |
WordPress BadgeOS <=3.7.0 - SQL Injection (CVE-2022-0817) |
cve/CVE-2022-0817.yaml |
Jenkins Git <=4.11.3 - Missing Authorization (CVE-2022-36883) |
cve/CVE-2022-36883.yaml |
Trixbox 2.8.0 - Path Traversal (CVE-2017-14537) |
cve/CVE-2017-14537.yaml |
SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting (CVE-2022-29299) |
cve/CVE-2022-29299.yaml |
WordPress Quiz and Survey Master <7.1.14 - Cross-Site Scripting (CVE-2021-20792) |
cve/CVE-2021-20792.yaml |
Joomla! Jtag Members Directory 5.3.7 - Local File Inclusion (CVE-2018-6008) |
cve/CVE-2018-6008.yaml |
Apache OFBiz - JNDI Remote Code Execution (Apache Log4j) (CVE-2021-44228) |
cve/apache-ofbiz-log4j-rce.yaml |
WordPress My Calendar <= 3.1.9 - Cross-Site Scripting (CVE-2019-15713) |
cve/CVE-2019-15713.yaml |
Microstrategy Web 7 - Cross-Site Scripting (CVE-2018-18775) |
cve/CVE-2018-18775.yaml |
WordPress Duplicate Page or Post <1.5.1 - Cross-Site Scripting (CVE-2021-25075) |
cve/CVE-2021-25075.yaml |
Nacos <1.4.1 - Authentication Bypass (CVE-2021-29441) |
cve/CVE-2021-29441.yaml |
Chyrp 2.x - Local File Inclusion (CVE-2011-2780) |
cve/CVE-2011-2780.yaml |
Metinfo 7.0.0 beta - SQL Injection (CVE-2019-16996) |
cve/CVE-2019-16996.yaml |
Netsweeper 3.0.6 - Open Redirection (CVE-2014-9617) |
cve/CVE-2014-9617.yaml |
Backdrop CMS version 1.23.0 - Stored Cross Site Scripting (CVE-2022-42094) |
cve/CVE-2022-42094.yaml |
Zaver - Local File Inclusion (CVE-2022-38794) |
cve/CVE-2022-38794.yaml |
Royal Event - SQL Injection (CVE-2022-28080) |
cve/CVE-2022-28080.yaml |
Symfony - Authentication Bypass (CVE-2015-4050) |
cve/CVE-2015-4050.yaml |
Phoenix Framework - Open Redirect (CVE-2017-1000163) |
cve/CVE-2017-1000163.yaml |
College Management System 1.0 - SQL Injection (CVE-2022-28079) |
cve/CVE-2022-28079.yaml |
Carel pCOWeb <B1.2.4 - Cross-Site Scripting (CVE-2019-11370) |
cve/CVE-2019-11370.yaml |
Tenda 11N - Authentication Bypass (CVE-2022-42233) |
cve/CVE-2022-42233.yaml |
Jeesns 1.4.2 - Cross-Site Scripting (CVE-2020-19282) |
cve/CVE-2020-19282.yaml |
XStream <1.4.15 - Server-Side Request Forgery (CVE-2020-26258) |
cve/CVE-2020-26258.yaml |
Joomla! Component MS Comment 0.8.0b - Local File Inclusion (CVE-2010-2050) |
cve/CVE-2010-2050.yaml |
WirelessHART Fieldgate SWG70 3.0 - Local File Inclusion (CVE-2018-16059) |
cve/CVE-2018-16059.yaml |
ChurchCRM 4.5.3 - Cross-Site Scripting (CVE-2023-25346) |
cve/CVE-2023-25346.yaml |
Swim Team <= v1.44.10777 - Local File Inclusion (CVE-2015-5471) |
cve/CVE-2015-5471.yaml |
ZOHO WebNMS Framework <5.2 SP1 - Local File Inclusion (CVE-2016-6601) |
cve/CVE-2016-6601.yaml |
VMware Aria Operations for Networks - Remote Code Execution (CVE-2023-20888) |
cve/CVE-2023-20888.yaml |
Wordpress Zedna eBook download <1.2 - Local File Inclusion (CVE-2016-10924) |
cve/CVE-2016-10924.yaml |
Mirasys DVMS Workstation <=5.12.6 - Local File Inclusion (CVE-2018-8727) |
cve/CVE-2018-8727.yaml |
WordPress Anti-Malware Security and Brute-Force Firewall <4.21.83 - Cross-Site |
cve/CVE-2022-2599.yaml |
MODx manager - Local File Inclusion (CVE-2010-5278) |
cve/CVE-2010-5278.yaml |
Jenkins <=2.218 - Information Disclosure (CVE-2020-2103) |
cve/CVE-2020-2103.yaml |
WordPress AJAX Random Post <=2.00 - Cross-Site Scripting (CVE-2016-1000127) |
cve/CVE-2016-1000127.yaml |
CSE Bookstore 1.0 - SQL Injection (CVE-2020-36112) |
cve/CVE-2020-36112.yaml |
FlatPress 1.2.1 - Stored Cross-Site Scripting (CVE-2021-41432) |
cve/CVE-2021-41432.yaml |
Fortinet FortiNAC - Arbitrary File Write (CVE-2022-39952) |
cve/CVE-2022-39952.yaml |
Geddy <13.0.8 - Local File Inclusion (CVE-2015-5688) |
cve/CVE-2015-5688.yaml |
D-Link DIR-615 - Unauthorized Access (CVE-2021-42627) |
cve/CVE-2021-42627.yaml |
Microstrategy Web 7 - Local File Inclusion (CVE-2018-18777) |
cve/CVE-2018-18777.yaml |
Purchase Order Management v1.0 - SQL Injection (CVE-2021-40908) |
cve/CVE-2021-40908.yaml |
Jfrog Artifactory <6.17.0 - Default Admin Password (CVE-2019-17444) |
cve/CVE-2019-17444.yaml |
FineCMS <5.0.9 - Open Redirect (CVE-2017-11586) |
cve/CVE-2017-11586.yaml |
Apache ActiveMQ <=5.15.5 - Cross-Site Scripting (CVE-2018-8006) |
cve/CVE-2018-8006.yaml |
IBM WebSphere Java Object Deserialization - Remote Code Execution (CVE-2015-7450) |
cve/CVE-2015-7450.yaml |
Sourcecodester Hotel and Lodge Management System 2.0 - SQL Injection (CVE-2020-21012) |
cve/CVE-2020-21012.yaml |
Cisco ASA - Local File Inclusion (CVE-2018-0296) |
cve/CVE-2018-0296.yaml |
Thruk 2.40-2 - Cross-Site Scripting (CVE-2021-35488) |
cve/CVE-2021-35488.yaml |
WordPress GTranslate <2.8.52 - Cross-Site Scripting (CVE-2020-11930) |
cve/CVE-2020-11930.yaml |
KMCIS CaseAware - Cross-Site Scripting (CVE-2017-5631) |
cve/CVE-2017-5631.yaml |
Users Ultra <= 3.1.0 - SQL Injection (CVE-2022-0769) |
cve/CVE-2022-0769.yaml |
GrandNode 4.40 - Local File Inclusion (CVE-2019-12276) |
cve/CVE-2019-12276.yaml |
vBulletin - Open Redirect (CVE-2018-6200) |
cve/CVE-2018-6200.yaml |
OpenEMR <5.0.2 - Local File Inclusion (CVE-2019-14530) |
cve/CVE-2019-14530.yaml |
Netgear RAX43 1.0.3.96 - Command Injection/Authentication Bypass Buffer Overrun |
cve/CVE-2021-20167.yaml |
WordPress Cab fare calculator < 1.0.4 - Local File Inclusion (CVE-2022-1391) |
cve/CVE-2022-1391.yaml |
Akkadian Provisioning Manager 4.50.02 - Sensitive Information Disclosure (CVE-2020-27361) |
cve/CVE-2020-27361.yaml |
Joomla! Component JInventory 1.23.02 - Local File Inclusion (CVE-2010-1305) |
cve/CVE-2010-1305.yaml |
TOTOLINK EX1200T 4.1.2cu.5215 - Authentication Bypass (CVE-2021-42887) |
cve/CVE-2021-42887.yaml |
WordPress defa-online-image-protector <=3.3 - Cross-Site Scripting (CVE-2016-1000129) |
cve/CVE-2016-1000129.yaml |
Featurific For WordPress 1.6.2 - Cross-Site Scripting (CVE-2011-5265) |
cve/CVE-2011-5265.yaml |
Sourcecodester Simple Client Management System 1.0 - SQL Injection (CVE-2021-43510) |
cve/CVE-2021-43510.yaml |
NewStatPress <=1.0.4 - Cross-Site Scripting (CVE-2015-9312) |
cve/CVE-2015-9312.yaml |
WebCTRL OEM <= 6.5 - Cross-Site Scripting (CVE-2021-31682) |
cve/CVE-2021-31682.yaml |
Rukovoditel <= 3.2.1 - Cross Site Scripting (CVE-2022-44944) |
cve/CVE-2022-44944.yaml |
GitLab CE/EE - Remote Code Execution (CVE-2021-22205) |
cve/CVE-2021-22205.yaml |
WordPress Order Listener for WooCommerce <3.2.2 - SQL Injection (CVE-2022-0948) |
cve/CVE-2022-0948.yaml |
WordPress WP Courses Plugin Information Disclosure (CVE-2020-26876) |
cve/CVE-2020-26876.yaml |
Noptin < 1.6.5 - Open Redirect (CVE-2021-25033) |
cve/CVE-2021-25033.yaml |
AlquistManager Local File Inclusion (CVE-2021-43495) |
cve/CVE-2021-43495.yaml |
Zyxel NBG2105 V1.00(AAGU.2)C0 - Authentication Bypass (CVE-2021-3297) |
cve/CVE-2021-3297.yaml |
Rukovoditel <= 3.2.1 - Cross Site Scripting (CVE-2022-43167) |
cve/CVE-2022-43167.yaml |
ZZZCMS zzzphp 2.1.0 - Remote Code Execution (CVE-2022-23881) |
cve/CVE-2022-23881.yaml |
Joomla! Component Graphics 1.0.6 - Local File Inclusion (CVE-2010-1653) |
cve/CVE-2010-1653.yaml |
ManageEngine Firewall Analyzer <8.0 - Local File Inclusion (CVE-2015-7780) |
cve/CVE-2015-7780.yaml |
BIBLIOsoft BIBLIOpac 2008 - Cross-Site Scripting (CVE-2018-16139) |
cve/CVE-2018-16139.yaml |
Joomla! Component redTWITTER 1.0 - Local File Inclusion (CVE-2010-1983) |
cve/CVE-2010-1983.yaml |
Cherokee HTTPD <=0.5 - Cross-Site Scripting (CVE-2006-1681) |
cve/CVE-2006-1681.yaml |
phpMyChat-Plus 1.98 - Cross-Site Scripting (CVE-2019-19908) |
cve/CVE-2019-19908.yaml |
VMware Workspace ONE Access - Server-Side Template Injection (CVE-2022-22954) |
cve/CVE-2022-22954.yaml |
Online Security Guards Hiring System - Cross-Site Scripting (CVE-2023-0527) |
cve/CVE-2023-0527.yaml |
WordPress TI WooCommerce Wishlist <1.40.1 - SQL Injection (CVE-2022-0412) |
cve/CVE-2022-0412.yaml |
Grav CMS <1.3.0 - Cross-Site Scripting (CVE-2018-5233) |
cve/CVE-2018-5233.yaml |
Cuppa CMS v1.0 - Authenticated Local File Inclusion (CVE-2022-37191) |
cve/CVE-2022-37191.yaml |
GateOne 1.1 - Local File Inclusion (CVE-2020-35736) |
cve/CVE-2020-35736.yaml |
WordPress Sensei LMS <4.5.0 - Information Disclosure (CVE-2022-2034) |
cve/CVE-2022-2034.yaml |
WordPress Accessibility Helper <0.6.0.7 - Cross-Site Scripting (CVE-2022-0150) |
cve/CVE-2022-0150.yaml |
Joomla! Component Shoutbox Pro - Local File Inclusion (CVE-2010-1534) |
cve/CVE-2010-1534.yaml |
WordPress Payeezy Pay <=2.97 - Local File Inclusion (CVE-2018-20985) |
cve/CVE-2018-20985.yaml |
VMware View Planner <4.6 SP1- Remote Code Execution (CVE-2021-21978) |
cve/CVE-2021-21978.yaml |
Agentejo Cockpit 0.10.2 - Cross-Site Scripting (CVE-2020-14408) |
cve/CVE-2020-14408.yaml |
SolarView Compact 6.00 - Local File Inclusion (CVE-2022-29298) |
cve/CVE-2022-29298.yaml |
Submitty <= 20.04.01 - Open Redirect (CVE-2020-13121) |
cve/CVE-2020-13121.yaml |
Draytek VigorConnect 6.0-B3 - Local File Inclusion (CVE-2021-20124) |
cve/CVE-2021-20124.yaml |
Craft CMS < 3.3.0 - Server-Side Template Injection (CVE-2020-9757) |
cve/CVE-2020-9757.yaml |
SupportCandy < 3.1.5 - Unauthenticated SQL Injection (CVE-2023-1730) |
cve/CVE-2023-1730.yaml |
WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting (CVE-2022-29455) |
cve/CVE-2022-29455.yaml |
OpenCATS 0.9.6 - Cross-Site Scripting (CVE-2022-43017) |
cve/CVE-2022-43017.yaml |
Casdoor 1.13.0 - Unauthenticated SQL Injection (CVE-2022-24124) |
cve/CVE-2022-24124.yaml |
VMware Operations Manager - Remote Code Execution (Apache Log4j) (CVE-2021-44228) |
cve/vmware-operation-manager-log4j.yaml |
Apache Tomcat Servers - Remote Code Execution (CVE-2017-12615) |
cve/CVE-2017-12615.yaml |
Purchase Order Management v1.0 - SQL Injection (CVE-2023-29622) |
cve/CVE-2023-29622.yaml |
ChurchCRM v4.5.3 - Cross-Site Scripting (CVE-2023-31548) |
cve/CVE-2023-31548.yaml |
WordPress Visitor Statistics <=5.7 - SQL Injection (CVE-2022-33965) |
cve/CVE-2022-33965.yaml |
WordPress Podlove Podcast Publisher <3.5.6 - SQL Injection (CVE-2021-24666) |
cve/CVE-2021-24666.yaml |
Joomla! Component FDione Form Wizard 1.0.2 - Local File Inclusion (CVE-2010-2045) |
cve/CVE-2010-2045.yaml |
Motorola Baby Monitors - Remote Command Execution (CVE-2021-3577) |
cve/CVE-2021-3577.yaml |
WordPress WooCommerce <1.13.22 - Cross-Site Scripting (CVE-2021-24300) |
cve/CVE-2021-24300.yaml |
WordPress Welcart e-Commerce <2.8.5 - Arbitrary File Access (CVE-2022-4140) |
cve/CVE-2022-4140.yaml |
Atlassian Confluence Server - Path Traversal (CVE-2019-3396) |
cve/CVE-2019-3396.yaml |
Complete Online Job Search System 1.0 - SQL Injection (CVE-2022-32018) |
cve/CVE-2022-32018.yaml |
Kibana Timelion - Arbitrary Code Execution (CVE-2019-7609) |
cve/CVE-2019-7609.yaml |
Joomla! Component Online Market 2.x - Local File Inclusion (CVE-2010-1722) |
cve/CVE-2010-1722.yaml |
RocketMQ <= 5.1.0 - Remote Code Execution (CVE-2023-33246) |
cve/CVE-2023-33246.yaml |
Jeecg Boot <= 2.4.5 - Information Disclosure (CVE-2021-37304) |
cve/CVE-2021-37304.yaml |
TerraMaster TOS < 4.2.30 Server Information Disclosure (CVE-2022-24990) |
cve/CVE-2022-24990.yaml |
Joomla! Component Jimtawl 1.0.2 - Local File Inclusion (CVE-2010-4769) |
cve/CVE-2010-4769.yaml |
phpMyAdmin <4.9.0 - Cross-Site Request Forgery (CVE-2019-12616) |
cve/CVE-2019-12616.yaml |
Crestron Device - Credentials Disclosure (CVE-2022-23178) |
cve/CVE-2022-23178.yaml |
PaperCut - Unauthenticated Remote Code Execution (CVE-2023-27350) |
cve/CVE-2023-27350.yaml |
EyouCMS 1.5.4 Open Redirect (CVE-2021-39501) |
cve/CVE-2021-39501.yaml |
PlaceOS 1.2109.1 - Open Redirection (CVE-2021-41826) |
cve/CVE-2021-41826.yaml |
Devalcms 1.4a - Cross-Site Scripting (CVE-2008-6982) |
cve/CVE-2008-6982.yaml |
Zeroshell 3.9.0 - Remote Command Execution (CVE-2019-12725) |
cve/CVE-2019-12725.yaml |
Adminimize 1.7.22 - Cross-Site Scripting (CVE-2011-4926) |
cve/CVE-2011-4926.yaml |
Diary Management System 1.0 - Cross-Site Scripting (CVE-2022-29004) |
cve/CVE-2022-29004.yaml |
CandidATS 3.0.0 - Cross-Site Scripting. (CVE-2022-42748) |
cve/CVE-2022-42748.yaml |
Hikvision - Authentication Bypass (CVE-2017-7921) |
cve/CVE-2017-7921.yaml |
Doctor Appointment System 1.0 - SQL Injection (CVE-2021-27124) |
cve/CVE-2021-27124.yaml |
Citrix ShareFile StorageZones <=5.10.x - Arbitrary File Read (CVE-2020-8982) |
cve/CVE-2020-8982.yaml |
Dasan GPON Devices - Remote Code Execution (CVE-2018-10562) |
cve/CVE-2018-10562.yaml |
WordPress Ninja Job Board < 1.3.3 - Direct Request (CVE-2022-2544) |
cve/CVE-2022-2544.yaml |
WordPress Raygun4WP <=1.8.0 - Cross-Site Scripting (CVE-2017-9288) |
cve/CVE-2017-9288.yaml |
Kae's File Manager <=1.4.7 - Cross-Site Scripting (CVE-2022-40359) |
cve/CVE-2022-40359.yaml |
WordPress Spider Calendar <=1.5.65 - Cross-Site Scripting (CVE-2022-0212) |
cve/CVE-2022-0212.yaml |
Oracle GlassFish Server Open Source Edition 4.1 - Local File Inclusion (CVE-2017-1000028) |
cve/CVE-2017-1000028.yaml |
Joomla! Component com_jashowcase - Directory Traversal (CVE-2010-0943) |
cve/CVE-2010-0943.yaml |
Cisco Small Business RV Series - OS Command Injection (CVE-2021-1472) |
cve/CVE-2021-1472.yaml |
elFinder 2.1.58 - Remote Code Execution (CVE-2021-32682) |
cve/CVE-2021-32682.yaml |
Mlflow <2.3.1 - Local File Inclusion Bypass (CVE-2023-2780) |
cve/CVE-2023-2780.yaml |
Joomla! Image Browser 0.1.5 rc2 - Local File Inclusion (CVE-2008-4668) |
cve/CVE-2008-4668.yaml |
WordPress Tidio-form <=1.0 - Cross-Site Scripting (CVE-2016-1000152) |
cve/CVE-2016-1000152.yaml |
MetInfo 7.0.0 beta - SQL Injection (CVE-2019-17418) |
cve/CVE-2019-17418.yaml |
WordPress Like Button Rating <2.6.32 - Server-Side Request Forgery (CVE-2021-24150) |
cve/CVE-2021-24150.yaml |
Teclib GLPI <= 9.3.3 - Unauthenticated SQL Injection (CVE-2019-10232) |
cve/CVE-2019-10232.yaml |
Koha 3.20.1 - Directory Traversal (CVE-2015-4632) |
cve/CVE-2015-4632.yaml |
AudioCode 420HD - Remote Code Execution (CVE-2018-10093) |
cve/CVE-2018-10093.yaml |
ASUS GT-AC2900 - Authentication Bypass (CVE-2021-32030) |
cve/CVE-2021-32030.yaml |
Red Hat JBoss Enterprise Application Platform - Sensitive Information Disclosure |
cve/CVE-2010-1429.yaml |
WordPress Hero Maps Premium <=2.2.1 - Cross-Site Scripting (CVE-2019-19134) |
cve/CVE-2019-19134.yaml |
GoAnywhere Managed File Transfer - Remote Code Execution (Apache Log4j) (CVE-2021-44228) |
cve/goanywhere-mft-log4j-rce.yaml |
HP Data Protector - Arbitrary Command Execution (CVE-2016-2004) |
cve/CVE-2016-2004.yaml |
WordPress FeedWordPress < 2022.0123 - Authenticated Cross-Site Scripting (CVE-2021-25055) |
cve/CVE-2021-25055.yaml |
Open Automation Software OAS Platform V16.00.0121 - Missing Authentication |
cve/CVE-2022-26833.yaml |
Joomla! Webservice - Password Disclosure (CVE-2023-23752) |
cve/CVE-2023-23752.yaml |
Cloudron 6.2 Cross-Site Scripting (CVE-2021-40868) |
cve/CVE-2021-40868.yaml |
Tiempo.com <= 0.1.2 - Cross-Site Scripting (CVE-2023-2272) |
cve/CVE-2023-2272.yaml |
Apache OFBiz <=16.11.07 - Cross-Site Scripting (CVE-2020-1943) |
cve/CVE-2020-1943.yaml |
Apache Log4j2 - Remote Code Injection (CVE-2021-45046) |
cve/CVE-2021-45046.yaml |
mongo-express Remote Code Execution (CVE-2019-10758) |
cve/CVE-2019-10758.yaml |
WordPress Simple Link Directory <7.7.2 - SQL injection (CVE-2022-0760) |
cve/CVE-2022-0760.yaml |
Apache Struts2 S2-012 RCE (CVE-2013-1965) |
cve/CVE-2013-1965.yaml |
WordPress Watu Quiz <3.3.9.1 - Cross-Site Scripting (CVE-2023-0968) |
cve/CVE-2023-0968.yaml |
Rukovoditel <= 3.2.1 - Cross-Site Scripting (CVE-2022-43169) |
cve/CVE-2022-43169.yaml |
Academy Learning Management System <5.9.1 - Cross-Site Scripting (CVE-2022-38553) |
cve/CVE-2022-38553.yaml |
Online Fire Reporting System v1.0 - SQL injection (CVE-2022-31977) |
cve/CVE-2022-31977.yaml |
Nimble Streamer <=3.5.4-9 - Local File Inclusion (CVE-2019-11013) |
cve/CVE-2019-11013.yaml |
WordPress Page Builder KingComposer <=2.9.6 - Open Redirect (CVE-2022-0165) |
cve/CVE-2022-0165.yaml |
WordPress InPost Gallery <2.1.4.1 - Local File Inclusion (CVE-2022-4063) |
cve/CVE-2022-4063.yaml |
Combodo iTop <2.2.0-2459 - Cross-Site Scripting (CVE-2015-6544) |
cve/CVE-2015-6544.yaml |
XStream <1.4.6/1.4.10 - Remote Code Execution (CVE-2013-7285) |
cve/CVE-2013-7285.yaml |
Zoho ManageEngine - Internal Hostname Disclosure (CVE-2022-23779) |
cve/CVE-2022-23779.yaml |
Joomla! Component Saber Cart 1.0.0.12 - Local File Inclusion (CVE-2010-1313) |
cve/CVE-2010-1313.yaml |
nweb2fax <=0.2.7 - Local File Inclusion (CVE-2008-6668) |
cve/CVE-2008-6668.yaml |
Joomla! JoomlaPraise Projectfork 2.0.10 - Local File Inclusion (CVE-2009-2100) |
cve/CVE-2009-2100.yaml |
Eclipse Jetty <9.2.9.v20150224 - Sensitive Information Leakage (CVE-2015-2080) |
cve/CVE-2015-2080.yaml |
Motorola SBV6120E SURFboard Digital Voice Modem SBV6X2X-1.0.0.5-SCM - Directory |
cve/CVE-2010-2307.yaml |
Pulse Connect Secure SSL VPN Arbitrary File Read (CVE-2019-11510) |
cve/CVE-2019-11510.yaml |
Plus Addons for Elementor Page Builder < 4.1.10 - Open Redirect (CVE-2021-24358) |
cve/CVE-2021-24358.yaml |
WebGlimpse 2.18.7 - Directory Traversal (CVE-2009-5114) |
cve/CVE-2009-5114.yaml |
WordPress Car Seller - Auto Classifieds Script - SQL Injection (CVE-2021-24285) |
cve/CVE-2021-24285.yaml |
Kavita <0.5.4.1 - Server-Side Request Forgery (CVE-2022-2756) |
cve/CVE-2022-2756.yaml |
WordPress Advanced Order Export For WooCommerce <3.1.8 - Authenticated Cross-Site |
cve/CVE-2021-24169.yaml |
WordPress <5.8.3 - SQL Injection (CVE-2022-21661) |
cve/CVE-2022-21661.yaml |
Doctor Appointment System 1.0 - SQL Injection (CVE-2021-27315) |
cve/CVE-2021-27315.yaml |
WordPress WP TripAdvisor Review Slider <10.8 - Authenticated SQL Injection |
cve/CVE-2023-0261.yaml |
Joomla! Component iNetLanka Multiple Map 1.0 - Local File Inclusion (CVE-2010-1953) |
cve/CVE-2010-1953.yaml |
TerraMaster TOS - Unauthenticated Remote Command Execution (CVE-2020-28188) |
cve/CVE-2020-28188.yaml |
nitely/spirit 0.12.3 - Open Redirect (CVE-2022-0869) |
cve/CVE-2022-0869.yaml |
Joomla! Component OrgChart 1.0.0 - Local File Inclusion (CVE-2010-1878) |
cve/CVE-2010-1878.yaml |
GitLab 16.0.0 - Path Traversal (CVE-2023-2825) |
cve/CVE-2023-2825.yaml |
Rukovoditel <= 3.2.1 - Cross Site Scripting (CVE-2022-43166) |
cve/CVE-2022-43166.yaml |
Spring Cloud Config Server - Local File Inclusion (CVE-2019-3799) |
cve/CVE-2019-3799.yaml |
Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File Inclusion (CVE-2022-32409) |
cve/CVE-2022-32409.yaml |
MCMS 5.2.4 - SQL Injection (CVE-2022-25125) |
cve/CVE-2022-25125.yaml |
Joomla! Helpdesk Pro plugin <1.4.0 - Local File Inclusion (CVE-2015-4074) |
cve/CVE-2015-4074.yaml |
Joomla! Component Magic Updater - Local File Inclusion (CVE-2010-1307) |
cve/CVE-2010-1307.yaml |
Autonomy Ultraseek - Open Redirect (CVE-2009-0347) |
cve/CVE-2009-0347.yaml |
TileServer GL <=3.0.0 - Cross-Site Scripting (CVE-2020-15500) |
cve/CVE-2020-15500.yaml |
Apache Struts2 S2-008 RCE (CVE-2012-0392) |
cve/CVE-2012-0392.yaml |
Apache Solr 7+ - Remote Code Execution (Apache Log4j) (CVE-2021-44228) |
cve/apache-solr-log4j-rce.yaml |
Rukovoditel <= 3.2.1 - Cross Site Scripting (CVE-2022-43164) |
cve/CVE-2022-43164.yaml |
Mlflow <2.2.1 - Local File Inclusion (CVE-2023-1177) |
cve/CVE-2023-1177.yaml |
JD Edwards EnterpriseOne Tools 9.2 - Information Disclosure (CVE-2020-2733) |
cve/CVE-2020-2733.yaml |
Zoho ManageEngine ADSelfService Plus v6113 - Unauthenticated Remote Command |
cve/CVE-2021-40539.yaml |
exacqVision Web Service - Remote Code Execution (CVE-2020-9047) |
cve/CVE-2020-9047.yaml |
Tenda Router AC11 - Remote Command Injection (CVE-2021-31755) |
cve/CVE-2021-31755.yaml |
Jellyfin 10.7.2 - Server Side Request Forgery (CVE-2021-29490) |
cve/CVE-2021-29490.yaml |
Osclass Security Advisory 3.4.1 - Local File Inclusion (CVE-2014-6308) |
cve/CVE-2014-6308.yaml |
unilogies/bumsys < v2.0.2 - Clickjacking (CVE-2023-1362) |
cve/CVE-2023-1362.yaml |
Keycloak 10.0.0 - 18.0.0 - Cross-Site Scripting (CVE-2021-20323) |
cve/CVE-2021-20323.yaml |
WordPress Related Posts <2.1.3 - Stored Cross-Site Scripting (CVE-2022-3506) |
cve/CVE-2022-3506.yaml |
WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting (CVE-2016-1000135) |
cve/CVE-2016-1000135.yaml |
shadoweb wdja v1.5.1 - Cross-Site Scripting (CVE-2020-20982) |
cve/CVE-2020-20982.yaml |
Traefik - Open Redirect (CVE-2020-15129) |
cve/CVE-2020-15129.yaml |
GitLab CE/EE - Remote Code Execution (CVE-2022-2185) |
cve/CVE-2022-2185.yaml |
Sourcecodester Multi Restaurant Table Reservation System 1.0 - SQL Injection |
cve/CVE-2020-29284.yaml |
WordPress Easy Digital Downloads 3.1.0.2/3.1.0.3 - SQL Injection (CVE-2023-23489) |
cve/CVE-2023-23489.yaml |
Netsweeper 4.0.3 - Cross-Site Scripting (CVE-2014-9608) |
cve/CVE-2014-9608.yaml |
Sophos Mobile managed on-premises - XML External Entity Injection (CVE-2022-3980) |
cve/CVE-2022-3980.yaml |
Artica Proxy 4.30.000000 - Cross-Site Scripting (CVE-2022-37153) |
cve/CVE-2022-37153.yaml |
Tiki Wiki CMS Groupware 5.2 - Local File Inclusion (CVE-2010-4239) |
cve/CVE-2010-4239.yaml |
SAP xMII 15.0 for SAP NetWeaver 7.4 - Local File Inclusion (CVE-2016-2389) |
cve/CVE-2016-2389.yaml |
XML-RPC Server - Remote Code Execution (CVE-2017-11610) |
cve/CVE-2017-11610.yaml |
Tiny Java Web Server - Cross-Site Scripting (CVE-2021-37573) |
cve/CVE-2021-37573.yaml |
WordPress Feed Them Social <3.0.1 - Cross-Site Scripting (CVE-2022-2383) |
cve/CVE-2022-2383.yaml |
Joomla! Component redSHOP 1.0 - Local File Inclusion (CVE-2010-1531) |
cve/CVE-2010-1531.yaml |
Orchard 'ReturnUrl' Parameter URI - Open Redirect (CVE-2011-5252) |
cve/CVE-2011-5252.yaml |
Spotweb <= 1.5.1 - Cross Site Scripting (CVE-2021-40973) |
cve/CVE-2021-40973.yaml |
BOA Web Server 0.94.14 - Arbitrary File Access (CVE-2017-9833) |
cve/CVE-2017-9833.yaml |
Joomla! <3.7.1 - SQL Injection (CVE-2017-8917) |
cve/CVE-2017-8917.yaml |
OpenTSDB <=2.4.0 - Remote Code Execution (CVE-2020-35476) |
cve/CVE-2020-35476.yaml |
Linear eMerge E3-Series - Cross-Site Scripting (CVE-2022-46381) |
cve/CVE-2022-46381.yaml |
Sophos Web Appliance - Remote Code Execution (CVE-2023-1671) |
cve/CVE-2023-1671.yaml |
LISTSERV 17 - Cross-Site Scripting (CVE-2022-39195) |
cve/CVE-2022-39195.yaml |
DrayTek - Remote Code Execution (CVE-2020-8515) |
cve/CVE-2020-8515.yaml |
Joomla! Component ZiMB Comment 0.8.1 - Local File Inclusion (CVE-2010-1602) |
cve/CVE-2010-1602.yaml |
EpiServer Find <13.2.7 - Open Redirect (CVE-2020-24550) |
cve/CVE-2020-24550.yaml |
Bitrix24 <=20.0.0 - Cross-Site Scripting (CVE-2020-13483) |
cve/CVE-2020-13483.yaml |
Pie Register < 3.7.1.6 - SQL Injection (CVE-2021-24731) |
cve/CVE-2021-24731.yaml |
Adobe Coldfusion <=8.0.1 - Cross-Site Scripting (CVE-2009-1872) |
cve/CVE-2009-1872.yaml |
Zabbix Setup Configuration Authentication Bypass (CVE-2022-23134) |
cve/CVE-2022-23134.yaml |
Rocket.Chat <=3.13 - NoSQL Injection (CVE-2021-22911) |
cve/CVE-2021-22911.yaml |
WordPress Simple Giveaways <2.36.2 - Cross-Site Scripting (CVE-2021-24298) |
cve/CVE-2021-24298.yaml |
WordPress AnyComment <0.3.5 - Open Redirect (CVE-2021-24838) |
cve/CVE-2021-24838.yaml |
Online Fire Reporting System v1.0 - SQL injection (CVE-2022-31975) |
cve/CVE-2022-31975.yaml |
Altenergy Power Control Software C1.2.5 - Remote Command Injection (CVE-2023-28343) |
cve/CVE-2023-28343.yaml |
WordPress Plugin Uploader 1.0.4 - Cross-Site Scripting (CVE-2013-2287) |
cve/CVE-2013-2287.yaml |
WBCE CMS 1.5.2 - Cross-Site Scripting (CVE-2022-30073) |
cve/CVE-2022-30073.yaml |
eMerge E3 1.00-06 - Remote Code Execution (CVE-2019-7256) |
cve/CVE-2019-7256.yaml |
VMware vRealize Operations Tenant - JNDI Remote Code Execution (Apache Log4j) |
cve/vrealize-operations-log4j-rce.yaml |
WordPress Securimage-WP-Fixed <=3.5.4 - Cross-Site Scripting (CVE-2021-34640) |
cve/CVE-2021-34640.yaml |
ImpressCMS <1.4.3 - Incorrect Authorization (CVE-2021-26598) |
cve/CVE-2021-26598.yaml |
Miniorange Social Login and Register <= 7.6.3 - Authentication Bypass (CVE-2023-2982) |
cve/CVE-2023-2982.yaml |
Zyxel - Cross-Site Scripting (CVE-2019-9955) |
cve/CVE-2019-9955.yaml |
Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager |
cve/CVE-2019-1821.yaml |
Citrix ADC and Citrix NetScaler Gateway - Remote Code Injection (CVE-2020-8194) |
cve/CVE-2020-8194.yaml |
IceWarp WebMail Server <=11.4.4.1 - Cross-Site Scripting (CVE-2020-8512) |
cve/CVE-2020-8512.yaml |
Apache httpd <=2.4.29 - Arbitrary File Upload (CVE-2017-15715) |
cve/CVE-2017-15715.yaml |
NETGEAR ProSafe SSL VPN firmware - SQL Injection (CVE-2022-29383) |
cve/CVE-2022-29383.yaml |
Lotus Domino R5 and R6 WebMail - Information Disclosure (CVE-2005-2428) |
cve/CVE-2005-2428.yaml |
ATutor < 2.2.1 - Cross Site Scripting (CVE-2023-27008) |
cve/CVE-2023-27008.yaml |
Formcraft3 <3.8.28 - Server-Side Request Forgery (CVE-2022-0591) |
cve/CVE-2022-0591.yaml |
WordPress zm-gallery plugin 1.0 SQL Injection (CVE-2016-10940) |
cve/CVE-2016-10940.yaml |
Apache HTTP Server <=2.4.39 - HTML Injection/Partial Cross-Site Scripting |
cve/CVE-2019-10092.yaml |
Acrolinx Server <5.2.5 - Local File Inclusion (CVE-2018-7719) |
cve/CVE-2018-7719.yaml |
WordPress AcyMailing <7.5.0 - Open Redirect (CVE-2021-24288) |
cve/CVE-2021-24288.yaml |
Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting (CVE-2019-19368) |
cve/CVE-2019-19368.yaml |
WordPress Secure Copy Content Protection and Content Locking <2.8.2 - SQL |
cve/CVE-2021-24931.yaml |
rConfig 3.9.4 - SQL Injection (CVE-2020-10548) |
cve/CVE-2020-10548.yaml |
GitLab CE/EE Unauthenticated RCE Using ExifTool (CVE-2021-22205) |
cve/gitlab-rce.yaml |
WordPress Duplicator <1.4.7 - Authentication Bypass (CVE-2022-2551) |
cve/CVE-2022-2551.yaml |
Apache S2-032 Struts - Remote Code Execution (CVE-2016-3081) |
cve/CVE-2016-3081.yaml |
LionWiki <3.2.12 - Local File Inclusion (CVE-2020-27191) |
cve/CVE-2020-27191.yaml |
Dell iDRAC7/8 Devices - Remote Code Injection (CVE-2018-1207) |
cve/CVE-2018-1207.yaml |
SAP Web Application Server 6.x/7.0 - Open Redirect (CVE-2005-3634) |
cve/CVE-2005-3634.yaml |
WordPress WPB Show Core - Cross-Site Scripting (CVE-2022-3484) |
cve/CVE-2022-3484.yaml |
Cisco Small Business WAN VPN Routers - Sensitive Information Disclosure (CVE-2019-1653) |
cve/CVE-2019-1653.yaml |
PacsOne Server <7.1.1 - Cross-Site Scripting (CVE-2020-29164) |
cve/CVE-2020-29164.yaml |
WordPress Time Capsule < 1.21.16 - Authentication Bypass (CVE-2020-8771) |
cve/CVE-2020-8771.yaml |
VMware VCenter - Remote Code Execution (Apache Log4j) (CVE-2021-44228) |
cve/vmware-vcenter-log4j-jndi-rce.yaml |
GDidees CMS v3.9.1 - Arbitrary File Download (CVE-2023-27179) |
cve/CVE-2023-27179.yaml |
WordPress Guppy <=1.1 - Information Disclosure (CVE-2021-24997) |
cve/CVE-2021-24997.yaml |
PHPGurukul Hospital Management System - Cross-Site Scripting (CVE-2020-5191) |
cve/CVE-2020-5191.yaml |
WordPress Page Layout builder v1.9.3 - Cross-Site Scripting (CVE-2016-1000141) |
cve/CVE-2016-1000141.yaml |
Rails File Content Disclosure (CVE-2019-5418) |
cve/CVE-2019-5418.yaml |
rConfig 3.9.4 - SQL Injection (CVE-2020-10546) |
cve/CVE-2020-10546.yaml |
Joomla! JCK Editor SQL Injection (CVE-2018-17254) |
cve/CVE-2018-17254.yaml |
WordPress forget-about-shortcode-buttons 1.1.1 - Cross-Site Scripting (CVE-2016-1000133) |
cve/CVE-2016-1000133.yaml |
Elasticsearch - Local File Inclusion (CVE-2015-3337) |
cve/CVE-2015-3337.yaml |
WordPress Page Views Count <2.4.15 - SQL Injection (CVE-2022-0434) |
cve/CVE-2022-0434.yaml |
Seagate NAS OS 4.3.15.1 - Server Information Disclosure (CVE-2018-12296) |
cve/CVE-2018-12296.yaml |
Cuppa CMS v1.0 - Remote Code Execution (CVE-2022-37190) |
cve/CVE-2022-37190.yaml |
GitLab CE/EE - Hard-Coded Credentials (CVE-2022-1162) |
cve/CVE-2022-1162.yaml |
WordPress 15Zine <3.3.0 - Cross-Site Scripting (CVE-2020-36510) |
cve/CVE-2020-36510.yaml |
Zoho ManageEngine OpManger - Arbitrary File Read (CVE-2020-12116) |
cve/CVE-2020-12116.yaml |
IBM Maximo Asset Management Information Disclosure - XML External Entity Injection |
cve/CVE-2020-4463.yaml |
Jira - Local File Inclusion (CVE-2019-8442) |
cve/CVE-2019-8442.yaml |
MantisBT <=2.30 - Arbitrary Password Reset/Admin Access (CVE-2017-7615) |
cve/CVE-2017-7615.yaml |
IceWarp Mail Server <=10.4.4 - Local File Inclusion (CVE-2019-12593) |
cve/CVE-2019-12593.yaml |
AppWeb - Authentication Bypass (CVE-2018-8715) |
cve/CVE-2018-8715.yaml |
Tablesome < 1.0.9 - Cross-Site Scripting (CVE-2023-1890) |
cve/CVE-2023-1890.yaml |
SAS/Internet 9.4 1520 - Local File Inclusion (CVE-2021-41569) |
cve/CVE-2021-41569.yaml |
FUDForum 3.1.0 - Cross-Site Scripting (CVE-2021-27519) |
cve/CVE-2021-27519.yaml |
Puppet Server/PuppetDB - Sensitive Information Disclosure (CVE-2020-7943) |
cve/CVE-2020-7943.yaml |
Nagios 5.5.6-5.7.5 - Authenticated Remote Command Injection (CVE-2021-25297) |
cve/CVE-2021-25297.yaml |
Ivanti MobileIron (Log4j) - Remote Code Execution (CVE-2021-44228) |
cve/mobileiron-log4j-jndi-rce.yaml |
Count Per Day <= 3.1 - download.php f Parameter Traversal Arbitrary File Access |
cve/CVE-2012-0896.yaml |
WordPress PhastPress <1.111 - Open Redirect (CVE-2021-24210) |
cve/CVE-2021-24210.yaml |
Hitachi Pentaho Business Analytics Server - Remote Code Execution (CVE-2022-43769) |
cve/CVE-2022-43769.yaml |
Apache Shiro 1.2.4 Cookie RememberME - Deserial Remote Code Execution Vulnerability |
cve/CVE-2016-4437.yaml |
NocoDB version <= 0.106.1 - Arbitrary File Read (CVE-2023-35843) |
cve/CVE-2023-35843.yaml |
Apache Kylin - Exposed Configuration File (CVE-2020-13937) |
cve/CVE-2020-13937.yaml |
Etherpad Lite <1.6.4 - Admin Authentication Bypass (CVE-2018-9845) |
cve/CVE-2018-9845.yaml |
JustWriting - Cross-Site Scripting (CVE-2021-41467) |
cve/CVE-2021-41467.yaml |
WordPress True Ranker <2.2.4 - Local File Inclusion (CVE-2021-39312) |
cve/CVE-2021-39312.yaml |
Oracle Fusion Middleware Weblogic Server - Remote OS Command Execution (CVE-2017-3506) |
cve/CVE-2017-3506.yaml |
WooCommerce PDF Invoices & Packing Slips WordPress Plugin < 2.10.5 - Cross-Site |
cve/CVE-2021-24991.yaml |
Netsweeper 4.0.4 - Cross-Site Scripting (CVE-2014-9607) |
cve/CVE-2014-9607.yaml |
Cuppa CMS v1.0 - Cross Site Scripting (CVE-2022-38295) |
cve/CVE-2022-38295.yaml |
EyesOfNetwork 5.1-5.3 - SQL Injection/Remote Code Execution (CVE-2020-8654) |
cve/CVE-2020-8654.yaml |
Welcart eCommerce <=2.7.7 - Local File Inclusion (CVE-2022-41840) |
cve/CVE-2022-41840.yaml |
Directory Management System 1.0 - SQL Injection (CVE-2022-29006) |
cve/CVE-2022-29006.yaml |
Hospital Management System 4.0 - SQL Injection (CVE-2020-5192) |
cve/CVE-2020-5192.yaml |
Joomla! Component com_kp - 'Controller' Local File Inclusion (CVE-2011-4804) |
cve/CVE-2011-4804.yaml |
WordPress EasyCart <2.0.6 - Information Disclosure (CVE-2014-4942) |
cve/CVE-2014-4942.yaml |
Splunk <=7.0.1 - Information Disclosure (CVE-2018-11409) |
cve/CVE-2018-11409.yaml |
Joomla! Component jesectionfinder - Local File Inclusion (CVE-2010-2680) |
cve/CVE-2010-2680.yaml |
Documentor <= 1.5.3 - Unauthenticated SQL Injection (CVE-2022-0773) |
cve/CVE-2022-0773.yaml |
Skysa App Bar 1.04 - Cross-Site Scripting (CVE-2011-5179) |
cve/CVE-2011-5179.yaml |
Advantech R-SeeNet - Cross-Site Scripting (CVE-2021-21801) |
cve/CVE-2021-21801.yaml |
Commvault CommCell - Local File Inclusion (CVE-2020-25780) |
cve/CVE-2020-25780.yaml |
RaspAP <=2.6.5 - Remote Command Injection (CVE-2021-33357) |
cve/CVE-2021-33357.yaml |
CuppaCMS v1.0 - Local File Inclusion (CVE-2022-34121) |
cve/CVE-2022-34121.yaml |
Rukovoditel <= 2.7.2 - Cross-Site Scripting (CVE-2020-35987) |
cve/CVE-2020-35987.yaml |
playSMS <1.4.3 - Remote Code Execution (CVE-2020-8644) |
cve/CVE-2020-8644.yaml |
Roxy-WI <6.1.1.0 - Remote Code Execution (CVE-2022-31126) |
cve/CVE-2022-31126.yaml |
Apache Solr <=8.8.1 - Server-Side Request Forgery (CVE-2021-27905) |
cve/CVE-2021-27905.yaml |
PrismaWEB - Credentials Disclosure (CVE-2018-9161) |
cve/CVE-2018-9161.yaml |
NexusPHP <1.7.33 - Cross-Site Scripting (CVE-2022-46888) |
cve/CVE-2022-46888.yaml |
Atlassian Jira Server/Data Center <8.5.8/8.6.0 - 8.11.1 - Information Disclosure |
cve/CVE-2020-14179.yaml |
ForgeRock OpenAM <7.0 - Remote Code Execution (CVE-2021-35464) |
cve/CVE-2021-35464.yaml |
phpIPAM - 1.6 - Cross-Site Scripting (CVE-2023-24657) |
cve/CVE-2023-24657.yaml |
VMware vSphere - Server-Side Request Forgery (CVE-2021-21973) |
cve/CVE-2021-21973.yaml |
Jira <8.4.0 - Server-Side Request Forgery (CVE-2019-8451) |
cve/CVE-2019-8451.yaml |
Synacor Zimbra Collaboration Suite Collaboration <8.8.11 - Cross-Site Scripting |
cve/CVE-2018-14013.yaml |
WordPress Woody Ad Snippets <2.2.5 - Cross-Site Scripting/Remote Code Execution |
cve/CVE-2019-15858.yaml |
Appwrite <=1.2.1 - Server-Side Request Forgery (CVE-2023-27159) |
cve/CVE-2023-27159.yaml |
WordPress NewStatPress <1.3.6 - Cross-Site Scripting (CVE-2022-0206) |
cve/CVE-2022-0206.yaml |
Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection (CVE-2021-25296) |
cve/CVE-2021-25296.yaml |
Apache Tika <1.1.8- Header Command Injection (CVE-2018-1335) |
cve/CVE-2018-1335.yaml |
WordPress Advanced Booking Calendar <1.7.1 - Cross-Site Scripting (CVE-2022-1007) |
cve/CVE-2022-1007.yaml |
Barco Control Room Management Suite <=2.9 Build 0275 - Local File Inclusion |
cve/CVE-2022-26233.yaml |
WordPress MyPixs <=0.3 - Local File Inclusion (CVE-2015-1000012) |
cve/CVE-2015-1000012.yaml |
XStream <1.4.16 - Remote Code Execution (CVE-2021-21351) |
cve/CVE-2021-21351.yaml |
AvantFAX 3.3.3 - Cross-Site Scripting (CVE-2017-18024) |
cve/CVE-2017-18024.yaml |
ActiveHelper LiveHelp Server 3.1.0 - Cross-Site Scripting (CVE-2014-4513) |
cve/CVE-2014-4513.yaml |
Mlflow <2.3.0 - Local File Inclusion (CVE-2023-2356) |
cve/CVE-2023-2356.yaml |
WAVLINK WN535 G3 - Information Disclosure (CVE-2022-31846) |
cve/CVE-2022-31846.yaml |
WordPress MultiSafepay for WooCommerce <=4.13.1 - Arbitrary File Read (CVE-2022-33901) |
cve/CVE-2022-33901.yaml |
Netsweeper - Authentication Bypass (CVE-2014-9618) |
cve/CVE-2014-9618.yaml |
npm ansi_up v4 - Cross-Site Scripting (CVE-2021-3377) |
cve/CVE-2021-3377.yaml |
SugarCRM 3.5.1 - Cross-Site Scripting (CVE-2018-5715) |
cve/CVE-2018-5715.yaml |
Redis Sandbox Escape - Remote Code Execution (CVE-2022-0543) |
cve/CVE-2022-0543.yaml |
Aviatrix Controller 6.x before 6.5-1804.1922 - Remote Command Execution (CVE-2021-40870) |
cve/CVE-2021-40870.yaml |
SV3C HD Camera L Series - Open Redirect (CVE-2018-12675) |
cve/CVE-2018-12675.yaml |
GetSimple CMS 3.3.13 - Open Redirect (CVE-2019-9915) |
cve/CVE-2019-9915.yaml |
Atlassian Jira Server-Side Template Injection (CVE-2019-11581) |
cve/CVE-2019-11581.yaml |
Admidio - Cross-Site Scripting (CVE-2021-43810) |
cve/CVE-2021-43810.yaml |
kkFileView 4.1.0 - Server-Side Request Forgery (CVE-2022-43140) |
cve/CVE-2022-43140.yaml |
Shortcode Ninja <= 1.4 - Cross-Site Scripting (CVE-2014-4550) |
cve/CVE-2014-4550.yaml |
School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting |
cve/CVE-2022-30513.yaml |
Apache ShenYu Admin Unauth Access (CVE-2022-23944) |
cve/CVE-2022-23944.yaml |
CandidATS 3.0.0 - Cross-Site Scripting. (CVE-2022-42747) |
cve/CVE-2022-42747.yaml |
Ruby On Rails - Local File Inclusion (CVE-2018-3760) |
cve/CVE-2018-3760.yaml |
Jira Server and Data Center - Information Disclosure (CVE-2020-36289) |
cve/CVE-2020-36289.yaml |
Apache Flink - Local File Inclusion (CVE-2020-17519) |
cve/CVE-2020-17519.yaml |
Tarantella Enterprise <3.11 - Local File Inclusion (CVE-2018-19753) |
cve/CVE-2018-19753.yaml |
YeaLink DM 3.6.0.20 - Remote Command Injection (CVE-2021-27561) |
cve/CVE-2021-27561.yaml |
Apache <= 2.4.48 - Mod_Proxy SSRF (CVE-2021-40438) |
cve/CVE-2021-40438.yaml |
PHP-Fusion 9.03.50 - Remote Code Execution (CVE-2020-24949) |
cve/CVE-2020-24949.yaml |
Lucee Admin - Remote Code Execution (CVE-2021-21307) |
cve/CVE-2021-21307.yaml |
Clansphere CMS 2011.4 - Cross-Site Scripting (CVE-2021-27309) |
cve/CVE-2021-27309.yaml |
SearchBlox <9.2.2 - Local File Inclusion (CVE-2020-35580) |
cve/CVE-2020-35580.yaml |
WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion (CVE-2018-16283) |
cve/CVE-2018-16283.yaml |
SolarView Compact 6.00 - OS Command Injection (CVE-2023-23333) |
cve/CVE-2023-23333.yaml |
Nuovo Spreadsheet Reader 0.5.11 - Local File Inclusion (CVE-2023-29887) |
cve/CVE-2023-29887.yaml |
LG NAS Devices - Remote Code Execution (CVE-2018-10818) |
cve/CVE-2018-10818.yaml |
Smartstore <4.1.0 - Open Redirect (CVE-2020-36365) |
cve/CVE-2020-36365.yaml |
The Code Snippets WordPress Plugin < 2.14.3 - Cross-Site Scripting (CVE-2021-25008) |
cve/CVE-2021-25008.yaml |
Grafana Snapshot - Authentication Bypass (CVE-2021-39226) |
cve/CVE-2021-39226.yaml |
Cisco Unified Communications - Remote Code Execution (Apache Log4j) (CVE-2021-44228) |
cve/cisco-unified-communications-log4j.yaml |
Complete Online Job Search System 1.0 - SQL Injection (CVE-2022-32007) |
cve/CVE-2022-32007.yaml |
Easy Social Feed < 6.2.7 - Cross-Site Scripting (CVE-2021-25120) |
cve/CVE-2021-25120.yaml |
Joomla! Component Percha Gallery 1.6 Beta - Directory Traversal (CVE-2010-2035) |
cve/CVE-2010-2035.yaml |
Pascom CPS - Local File Inclusion (CVE-2021-45968) |
cve/CVE-2021-45968.yaml |
Oracle Content Server - Cross-Site Scripting (CVE-2017-10075) |
cve/CVE-2017-10075.yaml |
WordPress 99 Robots WP Background Takeover Advertisements <=4.1.4 - Local |
cve/CVE-2018-9118.yaml |
Wordpress Marmoset Viewer <1.9.3 - Cross-Site Scripting (CVE-2021-24495) |
cve/CVE-2021-24495.yaml |
Processwire CMS <2.7.1 - Local File Inclusion (CVE-2020-27467) |
cve/CVE-2020-27467.yaml |
Comodo Unified Threat Management Web Console - Remote Code Execution (CVE-2018-17431) |
cve/CVE-2018-17431.yaml |
Dynamicweb 9.5.0 - 9.12.7 Unauthenticated Admin User Creation (CVE-2022-25369) |
cve/CVE-2022-25369.yaml |
WordPress JH 404 Logger <=1.1 - Cross-Site Scripting (CVE-2021-24176) |
cve/CVE-2021-24176.yaml |
VoipMonitor <24.61 - Remote Code Execution (CVE-2021-30461) |
cve/CVE-2021-30461.yaml |
Grafana & Zabbix Integration - Credentials Disclosure (CVE-2022-26148) |
cve/CVE-2022-26148.yaml |
Monitorr 1.7.6m - Unauthenticated Remote Code Execution (CVE-2020-28871) |
cve/CVE-2020-28871.yaml |
Infusionsoft Gravity Forms Add-on < 1.5.7 - Cross-Site Scripting (CVE-2014-4536) |
cve/CVE-2014-4536.yaml |
Grafana - Improper Access Control (CVE-2019-15043) |
cve/CVE-2019-15043.yaml |
WordPress WP Video Gallery <=1.7.1 - SQL Injection (CVE-2022-0826) |
cve/CVE-2022-0826.yaml |
Joomla! Component Archery Scores 1.0.6 - Local File Inclusion (CVE-2010-1718) |
cve/CVE-2010-1718.yaml |
Nacos <1.4.1 - Authentication Bypass (CVE-2021-29442) |
cve/CVE-2021-29442.yaml |
Member Hero <=1.0.9 - Remote Code Execution (CVE-2022-0885) |
cve/CVE-2022-0885.yaml |
Backdrop CMS version 1.23.0 - Cross Site Scripting (Stored) (CVE-2022-42095) |
cve/CVE-2022-42095.yaml |
kkFileview v4.0.0 - Local File Inclusion (CVE-2021-43734) |
cve/CVE-2021-43734.yaml |
MasterStudy LMS <2.7.6 - Improper Access Control (CVE-2022-0441) |
cve/CVE-2022-0441.yaml |
Joomla! Component SVMap 1.1.1 - Local File Inclusion (CVE-2010-1308) |
cve/CVE-2010-1308.yaml |
WordPress Plugin Tera Charts - Local File Inclusion (CVE-2014-4940) |
cve/CVE-2014-4940.yaml |
Open-School 3.0/Community Edition 2.3 - Cross-Site Scripting (CVE-2019-14696) |
cve/CVE-2019-14696.yaml |
WordPress anti-plagiarism <=3.60 - Cross-Site Scripting (CVE-2016-1000128) |
cve/CVE-2016-1000128.yaml |
Joomla! Component Highslide 1.5 - Local File Inclusion (CVE-2010-1314) |
cve/CVE-2010-1314.yaml |
Moodle Jitsi Meet 2.7-2.8.3 - Cross-Site Scripting (CVE-2021-26812) |
cve/CVE-2021-26812.yaml |
Ninja Forms < 3.6.22 - Cross-Site Scripting (CVE-2023-1835) |
cve/CVE-2023-1835.yaml |
Apache Cassandra Load UDF RCE (CVE-2021-44521) |
cve/CVE-2021-44521.yaml |
Joomla! Component com_cartweberp - Local File Inclusion (CVE-2010-0982) |
cve/CVE-2010-0982.yaml |
Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion (CVE-2010-2920) |
cve/CVE-2010-2920.yaml |
PrestaShop SmartBlog <4.0.6- SQL Injection (CVE-2021-37538) |
cve/CVE-2021-37538.yaml |
Apache APISIX - Remote Code Execution (CVE-2022-24112) |
cve/CVE-2022-24112.yaml |
WordPress Narnoo Distributor <=2.5.1 - Local File Inclusion (CVE-2022-0679) |
cve/CVE-2022-0679.yaml |
NUUO NVRsolo Video Recorder 03.06.02 - Cross-Site Scripting (CVE-2022-33119) |
cve/CVE-2022-33119.yaml |
Grafana v8.x - Arbitrary File Read (CVE-2021-43798) |
cve/CVE-2021-43798.yaml |
PMB 7.4.6 - Cross-Site Scripting (CVE-2023-24733) |
cve/CVE-2023-24733.yaml |
WordPress Slider Revolution - Local File Disclosure (CVE-2015-1579) |
cve/CVE-2015-1579.yaml |
TBK DVR4104/DVR4216 Devices - Authentication Bypass (CVE-2018-9995) |
cve/CVE-2018-9995.yaml |
Lightdash version <= 0.510.3 Arbitrary File Read (CVE-2023-35844) |
cve/CVE-2023-35844.yaml |
Shibboleth OIDC OP <3.0.4 - Server-Side Request Forgery (CVE-2022-24129) |
cve/CVE-2022-24129.yaml |
WordPress Social Warfare <3.5.3 - Cross-Site Scripting (CVE-2019-9978) |
cve/CVE-2019-9978.yaml |
Joomla! Component Jstore - 'Controller' Local File Inclusion (CVE-2010-5286) |
cve/CVE-2010-5286.yaml |
Mongo-Express - Remote Code Execution (CVE-2020-24391) |
cve/CVE-2020-24391.yaml |
Joomla! Component TRAVELbook 1.0.1 - Local File Inclusion (CVE-2010-1535) |
cve/CVE-2010-1535.yaml |
WordPress WOOCS < 1.3.7.5 - Cross-Site Scripting (CVE-2022-0234) |
cve/CVE-2022-0234.yaml |
Drawio <18.1.2 - Server-Side Request Forgery (CVE-2022-1815) |
cve/CVE-2022-1815.yaml |
SolarView Compact 6.00 - Cross-Site Scripting (CVE-2022-31373) |
cve/CVE-2022-31373.yaml |
Cuppa CMS v1.0 - SQL injection (CVE-2022-24266) |
cve/CVE-2022-24266.yaml |
WordPress GN Publisher <1.5.6 - Cross-Site Scripting (CVE-2023-1080) |
cve/CVE-2023-1080.yaml |
phpShowtime 2.0 - Directory Traversal (CVE-2012-0981) |
cve/CVE-2012-0981.yaml |
WordPress Paytm Donation <=1.3.2 - Authenticated SQL Injection (CVE-2021-24554) |
cve/CVE-2021-24554.yaml |
Rukovoditel <= 3.2.1 - Cross-Site Scripting (CVE-2022-43185) |
cve/CVE-2022-43185.yaml |
D-Link DIR-600M - Authentication Bypass (CVE-2019-13101) |
cve/CVE-2019-13101.yaml |
D-Link DSL 2888a - Authentication Bypass/Remote Command Execution (CVE-2020-24579) |
cve/CVE-2020-24579.yaml |
OpenCATS 0.9.6 - Cross-Site Scripting (CVE-2022-43016) |
cve/CVE-2022-43016.yaml |
ServiceNow - Cross-Site Scripting (CVE-2022-38463) |
cve/CVE-2022-38463.yaml |
rConfig 3.9.2 - Remote Code Execution (CVE-2019-16662) |
cve/CVE-2019-16662.yaml |
WordPress Helloprint <1.4.7 - Cross-Site Scripting (CVE-2022-3908) |
cve/CVE-2022-3908.yaml |
WordPress Sunshine Photo Cart <2.9.15 - Cross-Site Scripting (CVE-2022-4301) |
cve/CVE-2022-4301.yaml |
WordPress ARPrice <3.6.1 - SQL Injection (CVE-2022-0867) |
cve/CVE-2022-0867.yaml |
Cacti <=1.2.22 - Remote Command Injection (CVE-2022-46169) |
cve/CVE-2022-46169.yaml |
Event Espresso Core-Reg 4.10.7.p - Cross-Site Scripting (CVE-2020-26153) |
cve/CVE-2020-26153.yaml |
Gitea <1.16.5 - Open Redirect (CVE-2022-1058) |
cve/CVE-2022-1058.yaml |
Cobub Razor 0.8.0 - Information Disclosure (CVE-2018-8770) |
cve/CVE-2018-8770.yaml |
WordPress RSVPMaker <=9.3.2 - SQL Injection (CVE-2022-1768) |
cve/CVE-2022-1768.yaml |
WordPress iQ Block Country <=1.2.11 - Cross-Site Scripting (CVE-2021-36873) |
cve/CVE-2021-36873.yaml |
uDraw <3.3.3 - Local File Inclusion (CVE-2022-0656) |
cve/CVE-2022-0656.yaml |
Apache ActiveMQ Fileserver - Arbitrary File Write (CVE-2016-3088) |
cve/CVE-2016-3088.yaml |
The School Management < 9.9.7 - Remote Code Execution (CVE-2022-1609) |
cve/CVE-2022-1609.yaml |
DomainMOD 4.11.01 - Cross-Site Scripting (CVE-2018-20010) |
cve/CVE-2018-20010.yaml |
Infographic Maker iList < 4.3.8 - SQL Injection (CVE-2022-0747) |
cve/CVE-2022-0747.yaml |
Eclipse Jetty ConcatServlet - Information Disclosure (CVE-2021-28169) |
cve/CVE-2021-28169.yaml |
WordPress wpForo Forum <= 1.4.11 - Cross-Site Scripting (CVE-2018-11709) |
cve/CVE-2018-11709.yaml |
Redash Setup Configuration - Default Secrets Disclosure (CVE-2021-41192) |
cve/CVE-2021-41192.yaml |
Sunhillo SureLine <8.7.0.1.1 - Unauthenticated OS Command Injection (CVE-2021-36380) |
cve/CVE-2021-36380.yaml |
WordPress Canto 1.3.0 - Blind Server-Side Request Forgery (CVE-2020-28976) |
cve/CVE-2020-28976.yaml |
WordPress Visual Form Builder <3.0.8 - Cross-Site Scripting (CVE-2022-0140) |
cve/CVE-2022-0140.yaml |
Oracle Weblogic Server - Remote Command Execution (CVE-2020-14882) |
cve/CVE-2020-14882.yaml |
Microfinance Management System 1.0 - SQL Injection (CVE-2022-27927) |
cve/CVE-2022-27927.yaml |
Gryphon Tower - Cross-Site Scripting (CVE-2021-20137) |
cve/CVE-2021-20137.yaml |
Mida eFramework <=2.9.0 - Remote Command Execution (CVE-2020-15920) |
cve/CVE-2020-15920.yaml |
Joomla! Component Picasa 2.0 - Local File Inclusion (CVE-2010-1306) |
cve/CVE-2010-1306.yaml |
74cms - ajax_street.php 'x' SQL Injection (CVE-2020-22210) |
cve/CVE-2020-22208.yaml |
Import Legacy Media <= 0.1 - Cross-Site Scripting (CVE-2014-4535) |
cve/CVE-2014-4535.yaml |
Ignite Realtime Openfire <4.42 - Local File Inclusion (CVE-2019-18393) |
cve/CVE-2019-18393.yaml |
Fonality trixbox - Local File Inclusion (CVE-2014-5111) |
cve/CVE-2014-5111.yaml |
Exchange Server - Remote Code Execution (CVE-2021-34473) |
cve/CVE-2021-34473.yaml |
Next.js <9.3.2 - Local File Inclusion (CVE-2020-5284) |
cve/CVE-2020-5284.yaml |
Joomla! Component com_rokdownloads - Local File Inclusion (CVE-2010-1056) |
cve/CVE-2010-1056.yaml |
Responsive filemanager 9.13.1 Server-Side Request Forgery (CVE-2018-14728) |
cve/CVE-2018-14728.yaml |
WordPress NotificationX <2.3.9 - SQL Injection (CVE-2022-0349) |
cve/CVE-2022-0349.yaml |
Clustering Local File Inclusion (CVE-2021-43496) |
cve/CVE-2021-43496.yaml |
Eventum <3.4.0 - Open Redirect (CVE-2018-16761) |
cve/CVE-2018-16761.yaml |
Bank Locker Management System - Cross-Site Scripting (CVE-2023-0563) |
cve/CVE-2023-0563.yaml |
Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting (CVE-2014-2908) |
cve/CVE-2014-2908.yaml |
WordPress Plugin DukaPress 2.5.2 - Directory Traversal (CVE-2014-8799) |
cve/CVE-2014-8799.yaml |
Netsweeper <=6.4.3 - Python Code Injection (CVE-2020-13167) |
cve/CVE-2020-13167.yaml |
LabKey Server Community Edition <18.3.0 - Cross-Site Scripting (CVE-2019-3911) |
cve/CVE-2019-3911.yaml |
OURPHP <= 7.2.0 - Cross Site Scripting (CVE-2023-30210) |
cve/CVE-2023-30210.yaml |
MinIO Browser API - Server-Side Request Forgery (CVE-2021-21287) |
cve/CVE-2021-21287.yaml |
Omnia MPX 1.5.0+r1 - Local File Inclusion (CVE-2022-36642) |
cve/CVE-2022-36642.yaml |
SPIP <3.1.2 - Cross-Site Scripting (CVE-2016-7981) |
cve/CVE-2016-7981.yaml |
VMware vSphere Client (HTML5) - Remote Code Execution (CVE-2021-21985) |
cve/CVE-2021-21985.yaml |
CirCarLife <4.3 - Improper Authentication (CVE-2018-16670) |
cve/CVE-2018-16670.yaml |
WordPress AB Google Map Travel <=3.4 - Stored Cross-Site Scripting (CVE-2015-2755) |
cve/CVE-2015-2755.yaml |
WordPress RSVP and Event Management <2.7.8 - Missing Authorization (CVE-2022-1054) |
cve/CVE-2022-1054.yaml |
u5cms v8.3.5 - Open Redirect (CVE-2022-32444) |
cve/CVE-2022-32444.yaml |
WordPress GDPR & CCPA <1.9.27 - Cross-Site Scripting (CVE-2022-0220) |
cve/CVE-2022-0220.yaml |
Nagios XI <5.8.5 - Open Redirect (CVE-2022-29272) |
cve/CVE-2022-29272.yaml |
Rukovoditel <= 3.2.1 - Cross-Site Scripting (CVE-2022-44948) |
cve/CVE-2022-44948.yaml |
Parallels H-Sphere 3.0.0 P9/3.1 P1 - Cross-Site Scripting (CVE-2008-6465) |
cve/CVE-2008-6465.yaml |
ZEROF Web Server 2.0 - Cross-Site Scripting (CVE-2022-25323) |
cve/CVE-2022-25323.yaml |
WordPress DZS Zoomsounds <=6.50 - Local File Inclusion (CVE-2021-39316) |
cve/CVE-2021-39316.yaml |
AWStats < 6.95 - Open Redirect (CVE-2009-5020) |
cve/CVE-2009-5020.yaml |
MicroStrategy Library <11.1.3 - Cross-Site Scripting (CVE-2019-18957) |
cve/CVE-2019-18957.yaml |
Apache Airflow <=1.10.10 - Remote Code Execution (CVE-2020-11978) |
cve/CVE-2020-11978.yaml |
D-Link DIR850 ET850-1.08TRb03 - Open Redirect (CVE-2021-46379) |
cve/CVE-2021-46379.yaml |
Ruby on Rails Web Console - Remote Code Execution (CVE-2015-3224) |
cve/CVE-2015-3224.yaml |
AccessAlly <3.5.7 - Sensitive Information Leakage (CVE-2021-24226) |
cve/CVE-2021-24226.yaml |
TOTOLink - Unauthenticated Command Injection (CVE-2022-25082) |
cve/CVE-2022-25082.yaml |
Car Rental Management System 1.0 - SQL Injection (CVE-2022-32028) |
cve/CVE-2022-32028.yaml |
ElasticSearch - Remote Code Execution (CVE-2015-1427) |
cve/CVE-2015-1427.yaml |
Apache HTTP server v2.4.0 to v2.4.39 - Open Redirect (CVE-2019-10098) |
cve/CVE-2019-10098.yaml |
Linear eMerge E3-Series - Information Disclosure (CVE-2022-31269) |
cve/CVE-2022-31269.yaml |
Joomla! Component com_jcollection - Directory Traversal (CVE-2010-0944) |
cve/CVE-2010-0944.yaml |
Buffalo WSR-2533DHPL2 - Configuration File Injection (CVE-2021-20091) |
cve/CVE-2021-20091.yaml |
Mautic <3.3.4 - Cross-Site Scripting (CVE-2021-27909) |
cve/CVE-2021-27909.yaml |
WordPress Ocean Extra <1.9.5 - Cross-Site Scripting (CVE-2021-25104) |
cve/CVE-2021-25104.yaml |
FAUST iServer 9.0.018.018.4 - Local File Inclusion (CVE-2021-34805) |
cve/CVE-2021-34805.yaml |
Advantech R-SeeNet - Cross-Site Scripting (CVE-2021-21803) |
cve/CVE-2021-21803.yaml |
Joomla! Component iNetLanka Contact Us Draw Root Map 1.1 - Local File Inclusion |
cve/CVE-2010-1723.yaml |
Webmin <1.997 - Authenticated Remote Code Execution (CVE-2022-36446) |
cve/CVE-2022-36446.yaml |
IPConfigure Orchid Core VMS 2.0.5 - Local File Inclusion (CVE-2018-10956) |
cve/CVE-2018-10956.yaml |
WordPress NewStatPress 0.9.8 - SQL Injection (CVE-2015-4062) |
cve/CVE-2015-4062.yaml |
ElasticSearch v1.1.1/1.2 RCE (CVE-2014-3120) |
cve/CVE-2014-3120.yaml |
WordPress Sell Media 2.4.1 - Cross-Site Scripting (CVE-2019-6112) |
cve/CVE-2019-6112.yaml |
HashiCorp Consul/Consul Enterprise - Server-Side Request Forgery (CVE-2022-29153) |
cve/CVE-2022-29153.yaml |
Reprise License Manager 14.2 - Cross-Site Scripting (CVE-2022-28363) |
cve/CVE-2022-28363.yaml |
Joomla! Component Love Factory 1.3.4 - Local File Inclusion (CVE-2010-1957) |
cve/CVE-2010-1957.yaml |
Joomla! Component com_jresearch - 'Controller' Local File Inclusion (CVE-2010-1340) |
cve/CVE-2010-1340.yaml |
Joomla! Component MT Fire Eagle 1.2 - Local File Inclusion (CVE-2010-1719) |
cve/CVE-2010-1719.yaml |
Void Aural Rec Monitor 9.0.0.1 - SQL Injection (CVE-2021-25899) |
cve/CVE-2021-25899.yaml |
Icinga Web 2 - Arbitrary File Disclosure (CVE-2022-24716) |
cve/CVE-2022-24716.yaml |
qdPM 9.1 - Cross-site Scripting (CVE-2020-19515) |
cve/CVE-2020-19515.yaml |
Gridx 1.3 - Remote Code Execution (CVE-2020-19625) |
cve/CVE-2020-19625.yaml |
WordPress Directorist <7.3.1 - Information Disclosure (CVE-2022-2376) |
cve/CVE-2022-2376.yaml |
Webmin <= 1.920 - Unauthenticated Remote Command Execution (CVE-2019-15107) |
cve/CVE-2019-15107.yaml |
WWBN AVideo 11.6 - Cross-Site Scripting (CVE-2022-32772) |
cve/CVE-2022-32772.yaml |
Citrix Gateway and Citrix ADC - Cross-Site Scripting (CVE-2023-24488) |
cve/CVE-2023-24488.yaml |
WordPress Under Construction <1.19 - Cross-Site Scripting (CVE-2021-39320) |
cve/CVE-2021-39320.yaml |
WordPress Admin Word Count Column 2.2 - Local File Inclusion (CVE-2022-1390) |
cve/CVE-2022-1390.yaml |
Monstra CMS 3.0.4 - Cross-Site Scripting (CVE-2020-23697) |
cve/CVE-2020-23697.yaml |
phpPgAdmin <=4.2.1 - Local File Inclusion (CVE-2008-5587) |
cve/CVE-2008-5587.yaml |
Caucho Resin >=4.0.52 <=4.0.56 - Directory traversal (CVE-2021-44138) |
cve/CVE-2021-44138.yaml |
Apache Superset <=1.3.2 - Default Login (CVE-2021-44451) |
cve/CVE-2021-44451.yaml |
kkFileView 4.1.0 - Cross-Site Scripting (CVE-2022-40879) |
cve/CVE-2022-40879.yaml |
VSFTPD 2.3.4 - Backdoor Command Execution (CVE-2011-2523) |
cve/CVE-2011-2523.yaml |
Spring MVC Framework - Local File Inclusion (CVE-2018-1271) |
cve/CVE-2018-1271.yaml |
Joomla! Agora 3.0.0b - Local File Inclusion (CVE-2009-3053) |
cve/CVE-2009-3053.yaml |
vBulletin 5.0.0-5.5.4 - Remote Command Execution (CVE-2019-16759) |
cve/CVE-2019-16759.yaml |
GeoServer <1.2.2 - Remote Code Execution (CVE-2022-24816) |
cve/CVE-2022-24816.yaml |
Nextjs <2.4.1 - Local File Inclusion (CVE-2017-16877) |
cve/CVE-2017-16877.yaml |
WordPress WP Security Audit Log 3.1.1 - Information Disclosure (CVE-2018-8719) |
cve/CVE-2018-8719.yaml |
WordPress e-search <=1.0 - Cross-Site Scripting (CVE-2016-1000131) |
cve/CVE-2016-1000131.yaml |
ffay lanproxy Directory Traversal (CVE-2021-3019) |
cve/CVE-2021-3019.yaml |
Joomla! Component JA Voice 2.0 - Local File Inclusion (CVE-2010-1982) |
cve/CVE-2010-1982.yaml |
WordPress Catch Breadcrumb <1.5.4 - Cross-Site Scripting (CVE-2020-12054) |
cve/CVE-2020-12054.yaml |
Sonatype Nexus Repository Manager <3.15.0 - Remote Code Execution (CVE-2019-7238) |
cve/CVE-2019-7238.yaml |
Joomla! Component Picasa2Gallery 1.2.8 - Local File Inclusion (CVE-2010-2507) |
cve/CVE-2010-2507.yaml |
Revive Adserver <=5.0.3 - Cross-Site Scripting (CVE-2020-8115) |
cve/CVE-2020-8115.yaml |
Joomla! Component Sweetykeeper 1.5 - Local File Inclusion (CVE-2010-1474) |
cve/CVE-2010-1474.yaml |
Xsuite <=2.4.4.5 - Open Redirect (CVE-2015-4668) |
cve/CVE-2015-4668.yaml |
Atlassian Crowd and Crowd Data Center Unauthenticated Remote Code Execution |
cve/CVE-2019-11580.yaml |
Magento Server MAGMI - Directory Traversal (CVE-2015-2067) |
cve/CVE-2015-2067.yaml |
Zend Server <9.13 - Cross-Site Scripting (CVE-2018-10230) |
cve/CVE-2018-10230.yaml |
Hospital Management System 1.0 - SQL Injection (CVE-2022-38637) |
cve/CVE-2022-38637.yaml |
WordPress Fusion Builder <3.6.2 - Server-Side Request Forgery (CVE-2022-1386) |
cve/CVE-2022-1386.yaml |
CirCarLife <4.3 - Improper Authentication (CVE-2018-16671) |
cve/CVE-2018-16671.yaml |
Car Rental Management System 1.0 - SQL Injection (CVE-2022-32024) |
cve/CVE-2022-32024.yaml |
Reprise License Manager 14.2 - Information Disclosure (CVE-2022-28365) |
cve/CVE-2022-28365.yaml |
Wavlink WN535K2/WN535K3 - OS Command Injection (CVE-2022-2488) |
cve/CVE-2022-2488.yaml |
WordPress Contact Form 7 Skins <=2.5.0 - Cross-Site Scripting (CVE-2021-25063) |
cve/CVE-2021-25063.yaml |
Monstra CMS <=3.0.4 - Cross-Site Scripting (CVE-2018-11227) |
cve/CVE-2018-11227.yaml |
Spotweb <= 1.5.1 - Cross Site Scripting (CVE-2021-40972) |
cve/CVE-2021-40972.yaml |
Zabbix - SAML SSO Authentication Bypass (CVE-2022-23131) |
cve/CVE-2022-23131.yaml |
DomainMOD 4.11.01 - Cross-Site Scripting (CVE-2018-20009) |
cve/CVE-2018-20009.yaml |
HTTP File Server <2.3c - Remote Command Execution (CVE-2014-6287) |
cve/CVE-2014-6287.yaml |
Mitel ShoreTel 19.46.1802.0 Devices - Cross-Site Scripting (CVE-2020-28351) |
cve/CVE-2020-28351.yaml |
Affiliates Manager < 2.9.0 - Cross Site Scripting (CVE-2021-25078) |
cve/CVE-2021-25078.yaml |
SaltStack Salt <3002.5 - Auth Bypass (CVE-2021-25281) |
cve/CVE-2021-25281.yaml |
WordPress Sassy Social Share Plugin <3.3.40 - Cross-Site Scripting (CVE-2021-24746) |
cve/CVE-2021-24746.yaml |
Acexy Wireless-N WiFi Repeater REV 1.0 - Repeater Password Disclosure (CVE-2021-28937) |
cve/CVE-2021-28937.yaml |
CouchDB Erlang Distribution - Remote Command Execution (CVE-2022-24706) |
cve/CVE-2022-24706.yaml |
Laravel Filemanager v2.5.1 - Local File Inclusion (CVE-2022-40734) |
cve/CVE-2022-40734.yaml |
LimeSurvey 4.1.11 - Local File Inclusion (CVE-2020-11455) |
cve/CVE-2020-11455.yaml |
Onair2 < 3.9.9.2 & KenthaRadio < 2.0.2 - Remote File Inclusion/Server-Side |
cve/CVE-2021-24472.yaml |
WordPress Events Calendar <1.4.5 - Cross-Site Scripting (CVE-2022-4320) |
cve/CVE-2022-4320.yaml |
W3 Total Cache 0.9.2.6-0.9.3 - Unauthenticated File Read / Directory Traversal |
cve/CVE-2019-6715.yaml |
Complete Online Job Search System 1.0 - Cross-Site Scripting |
cve/eris-xss.yaml |
ReQlogic v11.3 - Cross Site Scripting (CVE-2022-41441) |
cve/CVE-2022-41441.yaml |
Apache Struts - Multiple Open Redirection Vulnerabilities (CVE-2013-2248) |
cve/CVE-2013-2248.yaml |
SIS Informatik REWE GO SP17 <7.7 - Cross-Site Scripting (CVE-2021-31537) |
cve/CVE-2021-31537.yaml |
WordPress WP Fundraising Donation and Crowdfunding Platform <1.5.0 - SQL Injection |
cve/CVE-2022-0788.yaml |
Oracle GlassFish Server Open Source Edition 3.0.1 - Local File Inclusion (CVE-2017-1000029) |
cve/CVE-2017-1000029.yaml |
WordPress Tutor LMS <2.0.10 - Cross Site Scripting (CVE-2023-0236) |
cve/CVE-2023-0236.yaml |
Jenkins GitHub Plugin <=1.29.1 - Server-Side Request Forgery (CVE-2018-1000600) |
cve/CVE-2018-1000600.yaml |
Synacor Zimbra Collaboration <8.7.11p10 - XML External Entity Injection (CVE-2019-9670) |
cve/CVE-2019-9670.yaml |
ElasticSearch <1.6.1 - Local File Inclusion (CVE-2015-5531) |
cve/CVE-2015-5531.yaml |
Apache OFBiz 16.11.04 - XML Entity Injection (CVE-2018-8033) |
cve/CVE-2018-8033.yaml |
WAVLINK WN535 G3 - Information Disclosure (CVE-2022-31845) |
cve/CVE-2022-31845.yaml |
Plesk Obsidian <=18.0.49 - Open Redirect (CVE-2023-24044) |
cve/CVE-2023-24044.yaml |
WordPress Elementor Website Builder <3.1.4 - Cross-Site Scripting (CVE-2021-24891) |
cve/CVE-2021-24891.yaml |
Trendnet AC2600 TEW-827DRU 2.08B01 - Admin Password Change (CVE-2021-20158) |
cve/CVE-2021-20158.yaml |
vRealize Operations Manager API - Server-Side Request Forgery (CVE-2021-21975) |
cve/CVE-2021-21975.yaml |
Seagate BlackArmor NAS - Command Injection (CVE-2014-3206) |
cve/CVE-2014-3206.yaml |
OpenCATS 0.9.6 - Cross-Site Scripting (CVE-2022-43018) |
cve/CVE-2022-43018.yaml |
Dolibarr Unauthenticated Contacts Database Theft (CVE-2023-33568) |
cve/CVE-2023-33568.yaml |
XStream <1.4.14 - Remote Code Execution (CVE-2020-26217) |
cve/CVE-2020-26217.yaml |
Python Flask-Security - Open Redirect (CVE-2021-32618) |
cve/CVE-2021-32618.yaml |
Squirrelmail <=1.4.6 - Local File Inclusion (CVE-2006-2842) |
cve/CVE-2006-2842.yaml |
Responsive FileManager <9.13.4 - Local File Inclusion (CVE-2018-15535) |
cve/CVE-2018-15535.yaml |
WordPress Stop Spammers <2021.9 - Cross-Site Scripting (CVE-2021-24245) |
cve/CVE-2021-24245.yaml |
Cyberoam NetGenie Cross-Site Scripting (CVE-2021-38702) |
cve/CVE-2021-38702.yaml |
Galera WebTemplate 1.0 Directory Traversal (CVE-2021-40960) |
cve/CVE-2021-40960.yaml |
Optergy Proton/Enterprise Building Management System - Open Redirect (CVE-2019-7275) |
cve/CVE-2019-7275.yaml |
Atlassian Confluence Server - Local File Inclusion (CVE-2021-26085) |
cve/CVE-2021-26085.yaml |
Jira Server and Data Center - Information Disclosure (CVE-2020-14181) |
cve/CVE-2020-14181.yaml |
D-Link DIR-3040 1.13B03 - Information Disclosure (CVE-2021-21816) |
cve/CVE-2021-21816.yaml |
Graphite <=1.1.5 - Server-Side Request Forgery (CVE-2017-18638) |
cve/CVE-2017-18638.yaml |
Loytec LGATE-902 <6.4.2 - Local File Inclusion (CVE-2018-14916) |
cve/CVE-2018-14916.yaml |
74cms - ajax_street.php 'key' SQL Injection (CVE-2020-22210) |
cve/CVE-2020-22211.yaml |
Patreon WordPress <1.7.0 - Unauthenticated Local File Inclusion (CVE-2021-24227) |
cve/CVE-2021-24227.yaml |
WordPress Ninja Forms <3.3.18 - Cross-Site Scripting (CVE-2018-19287) |
cve/CVE-2018-19287.yaml |
Artica Web Proxy 4.30 - OS Command Injection (CVE-2020-17505) |
cve/CVE-2020-17505.yaml |
Joomla! Component CCNewsLetter - Local File Inclusion (CVE-2010-0467) |
cve/CVE-2010-0467.yaml |
Payara Micro Community 5.2021.6 Directory Traversal (CVE-2021-41381) |
cve/CVE-2021-41381.yaml |
Joomla! Component LoginBox - Local File Inclusion (CVE-2010-1353) |
cve/CVE-2010-1353.yaml |
WordPress Plugin Traffic Analyzer - 'aoid' Cross-Site Scripting (CVE-2013-3526) |
cve/CVE-2013-3526.yaml |
AVEVA InTouch Access Anywhere Secure Gateway - Local File Inclusion (CVE-2022-23854) |
cve/CVE-2022-23854.yaml |
Metinfo 7.0.0 beta - SQL Injection (CVE-2019-16997) |
cve/CVE-2019-16997.yaml |
Jira Rainbow.Zen - Cross-Site Scripting (CVE-2007-0885) |
cve/CVE-2007-0885.yaml |
Joomla! ionFiles 4.4.2 - Local File Inclusion (CVE-2008-6080) |
cve/CVE-2008-6080.yaml |
WordPress Chop Slider 3 - Blind SQL Injection (CVE-2020-11530) |
cve/CVE-2020-11530.yaml |
Landing Page Builder < 1.4.9.6 - Cross-Site Scripting (CVE-2021-25067) |
cve/CVE-2021-25067.yaml |
PrestaShop Product Comments <4.2.0 - SQL Injection (CVE-2020-26248) |
cve/CVE-2020-26248.yaml |
Good Layers LMS Plugin <= 2.1.4 - SQL Injection (CVE-2020-27481) |
cve/CVE-2020-27481.yaml |
Microsoft Open Management Infrastructure - Remote Code Execution (CVE-2021-38647) |
cve/CVE-2021-38647.yaml |
Joomla! Component Jw_allVideos - Arbitrary File Retrieval (CVE-2010-0696) |
cve/CVE-2010-0696.yaml |
XStream <1.4.16 - Remote Code Execution (CVE-2021-21345) |
cve/CVE-2021-21345.yaml |
LogonTracer <=1.2.0 - Remote Command Injection (CVE-2018-16167) |
cve/CVE-2018-16167.yaml |
NETGEAR DGN2200 / DGND3700 - Admin Password Disclosure (CVE-2016-5649) |
cve/CVE-2016-5649.yaml |
ScoreMe Theme - Cross-Site Scripting (CVE-2016-10993) |
cve/CVE-2016-10993.yaml |
WordPress Site Editor <=1.1.1 - Local File Inclusion (CVE-2018-7422) |
cve/CVE-2018-7422.yaml |
Oracle WebLogic Server - Remote Command Execution (CVE-2020-14750) |
cve/CVE-2020-14750.yaml |
Zimbra Collaboration Server 7.2.2/8.0.2 Local File Inclusion (CVE-2013-7091) |
cve/CVE-2013-7091.yaml |
Majordomo2 - SMTP/HTTP Directory Traversal (CVE-2011-0049) |
cve/CVE-2011-0049.yaml |
WordPress Transposh Translation <1.0.8 - Cross-Site Scripting (CVE-2021-24910) |
cve/CVE-2021-24910.yaml |
karma-runner DOM-based Cross-Site Scripting (CVE-2022-0437) |
cve/CVE-2022-0437.yaml |
Kong Admin <=2.03 - Admin API Access (CVE-2020-11710) |
cve/CVE-2020-11710.yaml |
CHIYU TCP/IP Converter - Carriage Return Line Feed Injection (CVE-2021-31249) |
cve/CVE-2021-31249.yaml |
MobileIron Core & Connector <= v10.6 & Sentry <= v9.8 - Remote Code Execution |
cve/CVE-2020-15505.yaml |
WordPress WPSOLR <=8.6 - Cross-Site Scripting (CVE-2016-1000155) |
cve/CVE-2016-1000155.yaml |
Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Upload (CVE-2021-45428) |
cve/CVE-2021-45428.yaml |
SEOWON INTECH SLC-130 & SLR-120S - Unauthenticated Remote Code Execution (CVE-2020-17456) |
cve/CVE-2020-17456.yaml |
EPrints 3.4.2 - Cross-Site Scripting (CVE-2021-26475) |
cve/CVE-2021-26475.yaml |
Pega Infinity - Authentication Bypass (CVE-2021-27651) |
cve/CVE-2021-27651.yaml |
Cacti v1.2.8 - Remote Code Execution (CVE-2020-8813) |
cve/CVE-2020-8813.yaml |
AppServ Open Project <=2.5.10 - Cross-Site Scripting (CVE-2008-2398) |
cve/CVE-2008-2398.yaml |
Microsoft Exchange Server SSRF Vulnerability (CVE-2021-26855) |
cve/CVE-2021-26855.yaml |
CirCarLife Scada <4.3 - System Log Exposure (CVE-2018-12634) |
cve/CVE-2018-12634.yaml |
Polarisft Intellect Core Banking Software Version 9.7.1 - Open Redirect (CVE-2018-14931) |
cve/CVE-2018-14931.yaml |
Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion (CVE-2010-1217) |
cve/CVE-2010-1217.yaml |
Reolink E1 Zoom Camera <=3.0.0.716 - Private Key Disclosure (CVE-2021-40149) |
cve/CVE-2021-40149.yaml |
WordPress Shareaholic <9.7.6 - Information Disclosure (CVE-2022-0594) |
cve/CVE-2022-0594.yaml |
Joomla! Component WMI 1.5.0 - Local File Inclusion (CVE-2010-1607) |
cve/CVE-2010-1607.yaml |
WordPress Easy Student Results <=2.2.8 - Improper Authorization (CVE-2022-2379) |
cve/CVE-2022-2379.yaml |
SugarCRM Enterprise 9.0.0 - Cross-Site Scripting (CVE-2019-14974) |
cve/CVE-2019-14974.yaml |
Joomla! Component VJDEO 1.0 - Local File Inclusion (CVE-2010-1354) |
cve/CVE-2010-1354.yaml |
Intel Active Management - Authentication Bypass (CVE-2017-5689) |
cve/CVE-2017-5689.yaml |
WordPress Contact Form 7 <2.3.4 - Arbitrary Nonce Generation (CVE-2021-24278) |
cve/CVE-2021-24278.yaml |
WordPress Admin Font Editor <=1.8 - Cross-Site Scripting (CVE-2016-1000126) |
cve/CVE-2016-1000126.yaml |
WordPress Checklist <1.1.9 - Cross-Site Scripting (CVE-2019-16525) |
cve/CVE-2019-16525.yaml |
Quixplorer <=2.4.1 - Cross-Site Scripting (CVE-2020-24902) |
cve/CVE-2020-24902.yaml |
Zeit Next.js <4.2.3 - Local File Inclusion (CVE-2018-6184) |
cve/CVE-2018-6184.yaml |
PHP CGI v5.3.12/5.4.2 Remote Code Execution (CVE-2012-1823) |
cve/CVE-2012-1823.yaml |
Joomla! Component com_biblestudy - Local File Inclusion (CVE-2010-0157) |
cve/CVE-2010-0157.yaml |
All-In-One Video Gallery <=2.6.0 - Server-Side Request Forgery (CVE-2022-2633) |
cve/CVE-2022-2633.yaml |
SonicWall SMA1000 LFI (CVE-2023-0126) |
cve/CVE-2023-0126.yaml |
XOOPS Core 2.5.8 - Open Redirect (CVE-2017-12138) |
cve/CVE-2017-12138.yaml |
Websvn <2.6.1 - Remote Code Execution (CVE-2021-32305) |
cve/CVE-2021-32305.yaml |
Atom CMS v2.0 - Remote Code Execution (CVE-2022-25487) |
cve/CVE-2022-25487.yaml |
PuneethReddyHC action.php SQL Injection (CVE-2021-41648) |
cve/CVE-2021-41648.yaml |
Joomla! Component Gadget Factory 1.0.0 - Local File Inclusion (CVE-2010-1956) |
cve/CVE-2010-1956.yaml |
WAVLINK - Access Control (CVE-2020-10973) |
cve/CVE-2020-10973.yaml |
Apache APISIX - Insufficiently Protected Credentials (CVE-2020-13945) |
cve/CVE-2020-13945.yaml |
WordPress Button Generator <2.3.3 - Remote File Inclusion (CVE-2021-25052) |
cve/CVE-2021-25052.yaml |
Gogs 0.5.5 - 0.12.2 - Remote Code Execution (CVE-2020-15867) |
cve/CVE-2020-15867.yaml |
Wordpress EventON Calendar 3.0.5 - Cross-Site Scripting (CVE-2020-29395) |
cve/CVE-2020-29395.yaml |