Nov 20, 2024, 7:36 AM Modified Detection- 114143Node-config Configuration File Detected
- 114400Apache OFBiz < 18.12.11 Server-Side Request Forgery
New- 114502Cross-Site WebSocket Hijacking
- 114503Virtual Hosts Detected
- 114504Opti Marketing Plugin for WordPress <= 2.0.9 SQL Injection
- 114505HTTP Hop-By-Hop Headers Detected
- 114506Apache Tomcat 11.0.0 Cross-Site Scripting
- 114507Apache Tomcat 10.1.31 Cross-Site Scripting
- 114508Apache Tomcat 9.0.96 Cross-Site Scripting
- 114509Apache Tomcat 11.0.0-M1 < 11.0.0 Multiple Vulnerabilities
- 114510Apache Tomcat 10.1.0-M1 < 10.1.31 Multiple Vulnerabilities
- 114511Apache Tomcat 9.0.0-M1 < 9.0.96 Multiple Vulnerabilities
- 114512Really Simple Security Plugin for WordPress 9.x < 9.1.2 Authentication Bypass
- 114513Ivanti Cloud Services Appliance < 4.6 patch 519 Path Traversal
|
Nov 14, 2024, 7:27 AM Modified Detection- 112353ASP.NET DEBUG Method Enabled
- 112920GraphQL Cross-Site Request Forgery
- 113219Insecure Redirect Chain
- 114143Node-config Configuration File Detected
- 114223HTTP Request Smuggling
- 114400Apache OFBiz < 18.12.11 Server-Side Request Forgery
- 114497Symfony < 5.4.46 / 6.x < 6.4.14 / 7.x < 7.1.7 Improper Input Handling
New- 114499Apache APISIX Dashboard < 2.10.1 Authentication Bypass
- 114500Apache APISIX Dashboard Default Credentials
- 114501jQuery < 1.9.0 Cross-Site Scripting
|
Nov 8, 2024, 9:56 AM Modified Detection- 113897HTML Comments Detected
- 114129Secret Data Disclosure
- 114223HTTP Request Smuggling
- 114386External Broken Resources Detected
- 114466Path Relative Stylesheet Import
- 114497Symfony < 5.4.46 / 6.x < 6.4.14 / 7.x < 7.1.7 Improper Input Handling
|
Nov 5, 2024, 8:43 AM Modified Detection- 113897HTML Comments Detected
- 114129Secret Data Disclosure
- 114468SonarQube Public Projects Detected
- 114469CyberPanel < 2.37 Remote Command Execution
New- 114470Mastodon < 4.1.20 Regular Expression Denial of Service
- 114471Mastodon 4.2.x < 4.2.13 Regular Expression Denial of Service
- 114472Mastodon < 4.1.18 Multiples Vulnerabilities
- 114473Mastodon 4.2.x < 4.2.10 Multiples Vulnerabilities
- 114474Mastodon < 4.1.17 Multiples Vulnerabilities
- 114475Mastodon 4.2.x < 4.2.9 Multiples Vulnerabilities
- 114476Mastodon < 3.5.19 Unrestricted File Upload
- 114477Mastodon 4.0.x < 4.0.15 Unrestricted File Upload
- 114478Mastodon 4.1.x < 4.1.15 Unrestricted File Upload
- 114479Mastodon 4.2.x < 4.2.7 Unrestricted File Upload
- 114480Mastodon < 3.5.17 Authentication Bypass
- 114481Mastodon < 4.1.13 Authentication Bypass
- 114482Mastodon < 4.2.5 Authentication Bypass
- 114483Mastodon < 3.5.18 Multiples Vulnerabilities
- 114484Mastodon 4.0.x < 4.0.14 Multiples Vulnerabilities
- 114485Mastodon 4.1.x < 4.1.14 Multiples Vulnerabilities
- 114486Mastodon 4.2.x < 4.2.6 Multiples Vulnerabilities
- 114487Mastodon < 3.5.14 Multiples Vulnerabilities
- 114488Mastodon < 4.0.10 Multiples Vulnerabilities
- 114489Mastodon < 4.1.8 Multiples Vulnerabilities
- 114490Mastodon < 3.5.9 Multiples Vulnerabilities
- 114491Mastodon 4.0.x < 4.0.5 Multiples Vulnerabilities
- 114492Mastodon 4.1.x < 4.1.3 Multiples Vulnerabilities
- 114493Mastodon 2.5.0 < 3.5.8 LDAP injection
- 114494Mastodon 4.0.x < 4.0.4 LDAP injection
- 114495Mastodon 4.1.x < 4.1.2 LDAP injection
- 114496Apache Solr 5.3.0 < 8.11.4 / 9.x < 9.7.0 Authentication Bypass
|
Oct 31, 2024, 8:24 AM Modified Detection- 114466Path Relative Stylesheet Import
- 114469CyberPanel < 2.37 Remote Command Execution
|
Oct 29, 2024, 7:27 AM Modified Detection- 114466Path Relative Stylesheet Import
- 114468SonarQube Public Projects Detected
New- 114460Clockwork Detected
- 114461Clockwork Unrestricted Access
- 114462SuiteCRM < 7.14.4 / 8.x < 8.6.1 SQL Injection
- 114463Robomongo File Detected
- 114464SSH Authorized Keys File Detected
- 114465SSH id_rsa File Detected
- 114467Danswer < 0.10.0-beta.1 Insecure Direct Object Reference
|
Oct 21, 2024, 7:11 AM Modified Detection- 113217Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell)
- 113838WooCommerce Payments Plugin for WordPress 5.6.x < 5.6.2 Authentication Bypass
- 114031WooCommerce Payments Plugin for WordPress 6.3.x < 6.3.2 Authentication Bypass
- 114032WooCommerce Payments Plugin for WordPress 6.2.x < 6.2.2 Authentication Bypass
- 114033WooCommerce Payments Plugin for WordPress 5.5.x < 5.5.2 Authentication Bypass
- 114034WooCommerce Payments Plugin for WordPress 5.4.x < 5.4.1 Authentication Bypass
- 114035WooCommerce Payments Plugin for WordPress 5.3.x < 5.3.1 Authentication Bypass
- 114036WooCommerce Payments Plugin for WordPress 5.2.x < 5.2.2 Authentication Bypass
- 114037WooCommerce Payments Plugin for WordPress 5.1.x < 5.1.3 Authentication Bypass
- 114038WooCommerce Payments Plugin for WordPress 5.0.x < 5.0.4 Authentication Bypass
- 114039WooCommerce Payments Plugin for WordPress 4.9.x < 4.9.1 Authentication Bypass
- 114040WooCommerce Payments Plugin for WordPress 4.8.x < 4.8.2 Authentication Bypass
- 114129Secret Data Disclosure
- 98228Drupal Unsupported Version
New- 114449Dolibarr 16.x < 16.0.5 Database Download
- 114450Mura/Masa CMS SQL Injection
- 114451XWiki Platform 7.0 < 14.4.8 / 14.5 < 14.10.4 Remote Code Execution
- 114452SEOPress Plugin for WordPress < 7.9 PHP Object Injection
- 114453Atlassian Confluence < 7.19.25 Cross-Site Scripting
- 114454Atlassian Confluence 7.20.x < 8.5.11 Cross-Site Scripting
- 114455Atlassian Confluence 8.6.x < 8.9.3 Cross-Site Scripting
- 114456Drupal 10.2.x < 10.2.10 Improper Error Handling
- 114457Palo Alto Expedition < 1.2.96 Multiple Vulnerabilties
- 114458GiveWP Plugin for WordPress < 3.16.4 Remote Code Execution
- 114459Gradio < 4.37.1 Open Redirect
|
Oct 15, 2024, 6:35 AM Modified Detection- 114129Secret Data Disclosure
- 114247Authentication Check Pattern Found in Unauthenticated Browser
New- 114448Apache Tapestry Arbitrary File Read
|
Oct 3, 2024, 7:40 AM Modified Detection- 112550Full Path Disclosure
- 113393Performance Telemetry
- 114129Secret Data Disclosure
- 114439Express.js Cookie-Session Weak Secret Key
New- 114445PHP 8.3.x < 8.3.12 Multiple Vulnerabilities
- 114446PHP 8.2.x < 8.2.24 Multiple Vulnerabilities
- 114447PHP 8.1.x < 8.1.30 Multiple Vulnerabilities
|
Sep 26, 2024, 12:54 PM Modified Detection- 114283Unrestricted File Upload
New- 114441PowerPress Podcasting Plugin for WordPress 11.9.3 / 11.9.4 Injected Backdoor
- 114442Pods Plugin for WordPress 3.2.3 Injected Backdoor
- 114443Social Warfare Plugin for WordPress 4.4.6.4 < 4.4.7.3 Injected Backdoor
- 114444Apache OFBiz < 18.12.16 Remote Code Execution
|
Sep 24, 2024, 6:34 AM Modified Detection- 112686JSON Web Token Detected
- 114433Ivanti EPM RecordGoodApp SQL Injection
- 114439Express.js Cookie-Session Weak Secret Key
New- 114432Laravel Weak Secret Key
- 114434Flask Weak Secret Key
- 114435Django Weak Secret Key
- 114436Ruby On Rails Weak Secret Key
- 114437Pyramid Weak Secret Key
- 114438Express.js Express-Session Weak Secret Key
- 114440LiteSpeed Cache Plugin for WordPress < 6.5.0.1 Sensitive Information Exposure
|
Sep 17, 2024, 6:25 AM Modified Detection- 98538Environment Configuration File Detected
New- 114429Service Worker Detected
- 114430Next.js Remote Patterns Server-Side Request Forgery
- 114431Next.js < 14.1.1 Server Actions Server-Side Request Forgery
|
Sep 12, 2024, 9:21 AM New- 114428Sequelize Configuration File Detected
|
Sep 9, 2024, 1:31 PM Modified Detection- 113420Nginx < 1.22.1 Multiple Vulnerabilities
- 113421Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities
New- 114421Nginx 1.27.0 Buffer Over-read
- 114422Nginx 1.5.13 < 1.26.2 Buffer Over-read
- 114424CKEditor < 5.35.0.1 Cross-Site Scripting
- 114425CKEditor < 4.25.0-LTS Multiples Cross-Site Scripting
- 114426CKEditor < 4.24.0-LTS Multiples Cross-Site Scripting
- 114427Gutenberg Forms Plugin for WordPress <= 2.2.9 Arbitrary File Upload
|
Sep 6, 2024, 11:19 AM Modified Detection- 112544HTTP to HTTPS Redirect Not Enabled
- 112907GraphQL Interface Detected
- 113420Nginx < 1.22.1 Multiple Vulnerabilities
- 113421Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities
- 114220Atlassian Confluence < 7.19.18 Cross-Site Scripting
- 114221Atlassian Confluence 8.7.x < 8.7.2 Cross-Site Scripting
- 114222Atlassian Confluence 7.20.x < 8.5.5 Cross-Site Scripting
- 114238Atlassian Confluence < 7.19.20 Path Traversal
- 114239Atlassian Confluence 7.20.x < 8.5.7 Path Traversal
- 114240Atlassian Confluence 8.6.x < 8.8.1 Path Traversal
- 114373Joomla! 5.x < 5.1.2 Multiple Vulnerabilities
- 114374Joomla! 4.x < 4.4.6 Multiple Vulnerabilities
- 114375Joomla! 3.x < 3.10.16 Multiple Vulnerabilities
- 114377Atlassian Confluence < 7.19.22 Cross-Site Scripting
- 114378Atlassian Confluence 7.20.x < 8.5.9 Cross-Site Scripting
- 114379Atlassian Confluence 8.6.x < 8.9.1 Cross-Site Scripting
- 98146Password Submitted Using GET Method
- 98950Nginx < 1.4.1 ngx_http_proxy_module.c Multiple Vulnerabilities
- 98951Nginx < 1.2.9 ngx_http_proxy_module.c Multiple Vulnerabilities
New- 114413Flowise < 2.0.6 Authentication Bypass
- 114414Joomla! 5.x < 5.1.3 Multiple Vulnerabilities
- 114415Joomla! 4.x < 4.4.7 Multiple Vulnerabilities
- 114416Joomla! 3.x < 3.10.17 Multiple Vulnerabilities
- 114417Atlassian Confluence < 7.19.26 Multiple Vulnerabilities
- 114418Atlassian Confluence 7.20.x < 8.5.14 Multiple Vulnerabilities
- 114419Atlassian Confluence 8.6.x < 8.9.5 Multiple Vulnerabilities
- 114420Atlassian Confluence 9.0.x < 9.0.1 Multiple Vulnerabilities
- 114421Nginx 1.27.0 Buffer Over-read
- 114422Nginx 1.5.13 < 1.26.2 Buffer Over-read
- 114423Nginx 1.25.x < 1.26.1 Multiple Vulnerabilities
|
Sep 3, 2024, 6:46 AM Modified Detection- 112353ASP.NET DEBUG Method Enabled
- 112544HTTP to HTTPS Redirect Not Enabled
- 112550Full Path Disclosure
- 112686JSON Web Token Detected
- 112907GraphQL Interface Detected
- 112920GraphQL Cross-Site Request Forgery
- 113217Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell)
- 113219Insecure Redirect Chain
- 113393Performance Telemetry
- 113420Nginx < 1.22.1 Multiple Vulnerabilities
- 113421Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities
- 113838WooCommerce Payments Plugin for WordPress 5.6.x < 5.6.2 Authentication Bypass
- 113897HTML Comments Detected
- 114006Web Cache Poisoning Denial of Service
- 114031WooCommerce Payments Plugin for WordPress 6.3.x < 6.3.2 Authentication Bypass
- 114032WooCommerce Payments Plugin for WordPress 6.2.x < 6.2.2 Authentication Bypass
- 114033WooCommerce Payments Plugin for WordPress 5.5.x < 5.5.2 Authentication Bypass
- 114034WooCommerce Payments Plugin for WordPress 5.4.x < 5.4.1 Authentication Bypass
- 114035WooCommerce Payments Plugin for WordPress 5.3.x < 5.3.1 Authentication Bypass
- 114036WooCommerce Payments Plugin for WordPress 5.2.x < 5.2.2 Authentication Bypass
- 114037WooCommerce Payments Plugin for WordPress 5.1.x < 5.1.3 Authentication Bypass
- 114038WooCommerce Payments Plugin for WordPress 5.0.x < 5.0.4 Authentication Bypass
- 114039WooCommerce Payments Plugin for WordPress 4.9.x < 4.9.1 Authentication Bypass
- 114040WooCommerce Payments Plugin for WordPress 4.8.x < 4.8.2 Authentication Bypass
- 114129Secret Data Disclosure
- 114143Node-config Configuration File Detected
- 114220Atlassian Confluence < 7.19.18 Cross-Site Scripting
- 114221Atlassian Confluence 8.7.x < 8.7.2 Cross-Site Scripting
- 114222Atlassian Confluence 7.20.x < 8.5.5 Cross-Site Scripting
- 114223HTTP Request Smuggling
- 114238Atlassian Confluence < 7.19.20 Path Traversal
- 114239Atlassian Confluence 7.20.x < 8.5.7 Path Traversal
- 114240Atlassian Confluence 8.6.x < 8.8.1 Path Traversal
- 114247Authentication Check Pattern Found in Unauthenticated Browser
- 114283Unrestricted File Upload
- 114373Joomla! 5.x < 5.1.2 Multiple Vulnerabilities
- 114374Joomla! 4.x < 4.4.6 Multiple Vulnerabilities
- 114375Joomla! 3.x < 3.10.16 Multiple Vulnerabilities
- 114377Atlassian Confluence < 7.19.22 Cross-Site Scripting
- 114378Atlassian Confluence 7.20.x < 8.5.9 Cross-Site Scripting
- 114379Atlassian Confluence 8.6.x < 8.9.1 Cross-Site Scripting
- 114386External Broken Resources Detected
- 114400Apache OFBiz < 18.12.11 Server-Side Request Forgery
- 98084Directory Listing
- 98114XPath Injection
- 98146Password Submitted Using GET Method
- 98228Drupal Unsupported Version
- 98538Environment Configuration File Detected
- 98950Nginx < 1.4.1 ngx_http_proxy_module.c Multiple Vulnerabilities
- 98951Nginx < 1.2.9 ngx_http_proxy_module.c Multiple Vulnerabilities
New- 114395WebSocket Detected
- 114396Apache OFBiz < 18.12.15 Remote Code Execution
- 114397AI Engine Plugin for WordPress < 2.4.8 Server-Side Request Forgery
- 114398Edge Side Includes Injection
- 114399Apache OFBiz < 18.12.13 Path Traversal
- 114401Nginx+ Dashboard Unrestricted Access
- 114402Nginx HTTP API Module Unrestricted Access
- 114403Laravel Pulse Unrestricted Access
- 114404Laravel Horizon Unrestricted Access
- 114405Laravel Telescope Unrestricted Access
- 114406LiteSpeed Cache Plugin for WordPress < 6.4 Privilege Escalation
- 114407Gradio Detected
- 114408Gradio Unauthenticated Access
- 114409Gradio 4.3 < 4.13 Local File Read
- 114410FCKEditor Unsupported Version
- 114411Ivanti Virtual Traffic Manager Authentication Bypass
|
Aug 12, 2024, 6:31 AM Modified Detection- 113030Out-of-Date Bootstrap Detected
- 113031Out-of-Date JQuery UI Detected
- 113032Out-of-Date Modernizr Detected
- 113033Out-of-Date Underscore.js Detected
- 113034Out-of-Date MediaElement.Js Detected
- 113037Out-of-Date Backbone JS Framework Detected
- 114400Apache OFBiz < 18.12.11 Server-Side Request Forgery
- 98084Directory Listing
- 98114XPath Injection
New- 114393Danswer Unauthenticated Access
- 114395WebSocket Detected
- 114396Apache OFBiz < 18.12.15 Remote Code Execution
- 114397AI Engine Plugin for WordPress < 2.4.8 Server-Side Request Forgery
- 114398Edge Side Includes Injection
- 114399Apache OFBiz < 18.12.13 Path Traversal
|
Aug 1, 2024, 6:42 AM Modified Detection- 113030Out-of-Date Bootstrap Detected
- 113031Out-of-Date JQuery UI Detected
- 113032Out-of-Date Modernizr Detected
- 113033Out-of-Date Underscore.js Detected
- 113034Out-of-Date MediaElement.Js Detected
- 113037Out-of-Date Backbone JS Framework Detected
- 113959GeoServer SQL Injection
- 114006Web Cache Poisoning Denial of Service
- 98084Directory Listing
- 98114XPath Injection
New- 114390AnythingLLM API Sensitive Information Disclosure
- 114391Dify Detected
- 114392Danswer Detected
- 114393Danswer Unauthenticated Access
- 114394GeoServer Remote Code Execution
|
Jul 29, 2024, 7:28 AM Modified Detection- 113219Insecure Redirect Chain
- 113338Web Cache Poisoning
- 114381Apache Hugegraph 1.0.0 < 1.3.0 Remote Command Execution
- 114382Missing 'Content-Type' Charset
- 114386External Broken Resources Detected
New- 114387PaperCut NG/MF < 22.1.3 Path Traversal
- 114388Facade Ignition < 2.5.2 Remote Code Execution
- 114389ChatGPT-web Detected
- 114390AnythingLLM API Sensitive Information Disclosure
- 114391Dify Detected
- 114392Danswer Detected
|
Jul 22, 2024, 7:15 AM Modified Detection- 114360Apache 2.4.x < 2.4.60 Multiple Vulnerabilities
- 114363Apache 2.4.60 Source Code Disclosure
- 114382Missing 'Content-Type' Charset
New- 114383Ivanti EPM Cloud Services Appliance < 4.6.0-512 Remote Code Execution
- 114384Progress Kemp LoadMaster Remote Command Execution
- 114385Apache 2.4.x < 2.4.62 Multiple Vulnerabilities
|
Jul 18, 2024, 6:31 AM Modified Detection- 113117Magento Administration Panel Login Form Bruteforced
- 114325Adobe Commerce / Magento XML External Entity Injection (CosmicSting)
- 114357Polyfill Detected
- 114373Joomla! 5.x < 5.1.2 Multiple Vulnerabilities
- 114374Joomla! 4.x < 4.4.6 Multiple Vulnerabilities
- 114375Joomla! 3.x < 3.10.16 Multiple Vulnerabilities
- 114377Atlassian Confluence < 7.19.22 Cross-Site Scripting
- 114378Atlassian Confluence 7.20.x < 8.5.9 Cross-Site Scripting
- 114379Atlassian Confluence 8.6.x < 8.9.1 Cross-Site Scripting
- 114381Apache Hugegraph 1.0.0 < 1.3.0 Remote Command Execution
New- 114367H2O Flow Detected
- 114368Bricks Theme for WordPress < 1.9.6.1 Remote Code Execution
- 114369Qlik Sense Enterprise Path Traversal
- 114370Grafana Default Credentials
- 114371Odoo Database Manager Detected
- 114372Odoo Unprotected Database Manager
- 114376ServiceNow Server-Side Template Injection
- 114380Nortek Linear eMerge E3-Series < 0.32-08f Command Injection
|
Jul 5, 2024, 8:36 AM Modified Detection- 112353ASP.NET DEBUG Method Enabled
- 112544HTTP to HTTPS Redirect Not Enabled
- 112550Full Path Disclosure
- 112686JSON Web Token Detected
- 112907GraphQL Interface Detected
- 112920GraphQL Cross-Site Request Forgery
- 113030Out-of-Date Bootstrap Detected
- 113031Out-of-Date JQuery UI Detected
- 113032Out-of-Date Modernizr Detected
- 113033Out-of-Date Underscore.js Detected
- 113034Out-of-Date MediaElement.Js Detected
- 113037Out-of-Date Backbone JS Framework Detected
- 113117Magento Administration Panel Login Form Bruteforced
- 113168Docker Compose Configuration Detected
- 113217Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell)
- 113219Insecure Redirect Chain
- 113338Web Cache Poisoning
- 113393Performance Telemetry
- 113420Nginx < 1.22.1 Multiple Vulnerabilities
- 113421Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities
- 113838WooCommerce Payments Plugin for WordPress 5.6.x < 5.6.2 Authentication Bypass
- 113897HTML Comments Detected
- 113959GeoServer SQL Injection
- 114006Web Cache Poisoning Denial of Service
- 114031WooCommerce Payments Plugin for WordPress 6.3.x < 6.3.2 Authentication Bypass
- 114032WooCommerce Payments Plugin for WordPress 6.2.x < 6.2.2 Authentication Bypass
- 114033WooCommerce Payments Plugin for WordPress 5.5.x < 5.5.2 Authentication Bypass
- 114034WooCommerce Payments Plugin for WordPress 5.4.x < 5.4.1 Authentication Bypass
- 114035WooCommerce Payments Plugin for WordPress 5.3.x < 5.3.1 Authentication Bypass
- 114036WooCommerce Payments Plugin for WordPress 5.2.x < 5.2.2 Authentication Bypass
- 114037WooCommerce Payments Plugin for WordPress 5.1.x < 5.1.3 Authentication Bypass
- 114038WooCommerce Payments Plugin for WordPress 5.0.x < 5.0.4 Authentication Bypass
- 114039WooCommerce Payments Plugin for WordPress 4.9.x < 4.9.1 Authentication Bypass
- 114040WooCommerce Payments Plugin for WordPress 4.8.x < 4.8.2 Authentication Bypass
- 114129Secret Data Disclosure
- 114143Node-config Configuration File Detected
- 114220Atlassian Confluence < 7.19.18 Cross-Site Scripting
- 114221Atlassian Confluence 8.7.x < 8.7.2 Cross-Site Scripting
- 114222Atlassian Confluence 7.20.x < 8.5.5 Cross-Site Scripting
- 114223HTTP Request Smuggling
- 114238Atlassian Confluence < 7.19.20 Path Traversal
- 114239Atlassian Confluence 7.20.x < 8.5.7 Path Traversal
- 114240Atlassian Confluence 8.6.x < 8.8.1 Path Traversal
- 114247Authentication Check Pattern Found in Unauthenticated Browser
- 114283Unrestricted File Upload
- 114325Adobe Commerce / Magento XML External Entity Injection (CosmicSting)
- 114357Polyfill Detected
- 114360Apache 2.4.x < 2.4.60 Multiple Vulnerabilities
- 114363Apache 2.4.60 Source Code Disclosure
- 98084Directory Listing
- 98114XPath Injection
- 98146Password Submitted Using GET Method
- 98228Drupal Unsupported Version
- 98538Environment Configuration File Detected
- 98950Nginx < 1.4.1 ngx_http_proxy_module.c Multiple Vulnerabilities
- 98951Nginx < 1.2.9 ngx_http_proxy_module.c Multiple Vulnerabilities
New- 114358Malicious Third Party Domain Detected
- 114359ZenML Detected
- 114361Ray Detected
- 114362ChatGPT Plugin Manifest Detected
- 114364Apache Tomcat 11.0.0-M1 < 11.0.0-M21 Denial Of Service
- 114365Apache Tomcat 10.1.0-M1 < 10.1.25 Denial Of Service
- 114366Apache Tomcat 9.0.0-M1 < 9.0.90 Denial Of Service
|
Jul 3, 2024, 6:38 AM Modified Detection- 112697JSON Web Token Weak Secret
- 114357Polyfill Detected
- 114360Apache 2.4.x < 2.4.60 Multiple Vulnerabilities
New- 114329WordPress Emergency Password Reset Script Detected
- 114358Malicious Third Party Domain Detected
- 114359ZenML Detected
- 114361Ray Detected
|
Jun 28, 2024, 7:58 AM Modified Detection- 114325Adobe Commerce / Magento XML External Entity Injection (CosmicSting)
- 114357Polyfill Detected
New- 114329WordPress Emergency Password Reset Script Detected
- 114355Ivanti Endpoint Manager Mobile < 11.11.0.0 Authentication Bypass
- 114356Ivanti Sentry Authentication Bypass
|
Jun 26, 2024, 6:29 AM Modified Detection- 114325Adobe Commerce / Magento XML External Entity Injection (CosmicSting)
- 98112Cross-Site Request Forgery
New- 114317MLflow Detected
- 114318Flowise Unauthenticated Access
- 114319Langflow Detected
- 114320Langflow Unauthenticated Access
- 114321Chatgpt.js Detected
- 114322PHP Input Variables Exceeded
- 114323MLflow Default Credentials
- 114324MLflow Unauthenticated Access
- 114326NextChat < 2.12.4 Server-Side Request Forgery
- 114327Ollama Detected
- 114328Ollama Unauthenticated Access
- 114330WordPress 4.1.x < 4.1.41 Multiple Vulnerabilities
- 114331WordPress 4.2.x < 4.2.38 Multiple Vulnerabilities
- 114332WordPress 4.3.x < 4.3.34 Multiple Vulnerabilities
- 114333WordPress 4.4.x < 4.4.33 Multiple Vulnerabilities
- 114334WordPress 4.5.x < 4.5.32 Multiple Vulnerabilities
- 114335WordPress 4.6.x < 4.6.29 Multiple Vulnerabilities
- 114336WordPress 4.7.x < 4.7.29 Multiple Vulnerabilities
- 114337WordPress 4.8.x < 4.8.25 Multiple Vulnerabilities
- 114338WordPress 4.9.x < 4.9.26 Multiple Vulnerabilities
- 114339WordPress 5.0.x < 5.0.22 Multiple Vulnerabilities
- 114340WordPress 5.1.x < 5.1.19 Multiple Vulnerabilities
- 114341WordPress 5.2.x < 5.2.21 Multiple Vulnerabilities
- 114342WordPress 5.3.x < 5.3.18 Multiple Vulnerabilities
- 114343WordPress 5.4.x < 5.4.16 Multiple Vulnerabilities
- 114344WordPress 5.5.x < 5.5.15 Multiple Vulnerabilities
- 114345WordPress 5.6.x < 5.6.14 Multiple Vulnerabilities
- 114346WordPress 5.7.x < 5.7.12 Multiple Vulnerabilities
- 114347WordPress 5.8.x < 5.8.10 Multiple Vulnerabilities
- 114348WordPress 5.9.x < 5.9.10 Multiple Vulnerabilities
- 114349WordPress 6.0.x < 6.0.9 Multiple Vulnerabilities
- 114350WordPress 6.1.x < 6.1.7 Multiple Vulnerabilities
- 114351WordPress 6.2.x < 6.2.6 Multiple Vulnerabilities
- 114352WordPress 6.3.x < 6.3.5 Multiple Vulnerabilities
- 114353WordPress 6.4.x < 6.4.5 Multiple Vulnerabilities
- 114354WordPress 6.5.x < 6.5.5 Multiple Vulnerabilities
|
Jun 20, 2024, 9:22 AM New- 114303AnythingLLM Detected
- 114304Open WebUI Detected
- 114305Quivr Detected
- 114306NextChat < 2.11.3 Server-Side Request Forgery
- 114307NextChat Detected
- 114308LibreChat Detected
- 114309Flowise Detected
- 114310Yoast SEO Plugin for WordPress < 22.7 Cross-Site Scripting
- 114311Yoast SEO Plugin for WordPress < 22.6 Cross-Site Scripting
- 114312Flowise < 1.6.6 Authentication Bypass
- 114313Flowise Chatflow Detected
- 114314Atlassian Jira < 9.4.21 Information Disclosure
- 114315Atlassian Jira 9.5.x < 9.12.8 Information Disclosure
- 114316Atlassian Jira 9.13.x < 9.16.0 Information Disclosure
- 114317MLflow Detected
- 114318Flowise Unauthenticated Access
|
Jun 14, 2024, 8:03 AM Modified Detection- 112544HTTP to HTTPS Redirect Not Enabled
New- 114299Rejetto HTTP File Server 2.x Remote Code Execution
- 114300PHP CGI Argument Injection Remote Code Execution
- 114301CData Path Traversal
- 114302SolarWinds Serv-U < 15.4.2 HF 2 Directory Traversal
|
Jun 10, 2024, 8:10 AM Modified Detection- 113211HTTP Verb Tampering
- 114283Unrestricted File Upload
- 98095Misconfiguration in LIMIT directive of .htaccess file
New- 114295Digest Authentication Bruteforced
- 114296PHP 8.3.x < 8.3.8 Multiple Vulnerabilities
- 114297PHP 8.2.x < 8.2.20 Multiple Vulnerabilities
- 114298PHP 8.1.x < 8.1.29 Multiple Vulnerabilities
|
Jun 5, 2024, 7:42 AM Modified Detection- 113162MySQLjs SQL Injection Authentication Bypass
- 113337NoSQL Injection Authentication Bypass
- 114283Unrestricted File Upload
- 98008Web Application Firewall Detected
New- 114292Concrete CMS Login Panel Detected
- 114293Concrete CMS Debug Mode Enabled
- 114294Progress Telerik Report Server Authentication Bypass
|
May 31, 2024, 12:23 PM Modified Detection- 113136Wordpress Administration Panel Login Form Bruteforced
- 114276Database Connection String Disclosure
New- 114285Contact Form 7 Plugin for WordPress < 5.8.4 Arbitrary File Upload
- 114286Contact Form 7 Plugin for WordPress < 5.9.2 Cross-Site Scripting
- 114287Atlassian Confluence 7.20.x < 8.5.9 Remote Code Execution
- 114288Atlassian Confluence 8.6.x < 8.9.1 Remote Code Execution
- 114289Atlassian Confluence < 7.19.22 Remote Code Execution
- 114290JetBrains TeamCity < 2023.11.3 Authentication Bypass
- 114291Check Point Quantum Gateway Directory Traversal
|
May 27, 2024, 6:33 AM Modified Detection- 112569OpenAPI Import Success
- 112570OpenAPI Import Failed
- 113078AngularJS Unsupported Version
- 114041Strapi Cognito Provider Authentication Bypass
- 114108Strapi < 4.8.0 Private Fields Sensitive Information Disclosure
- 114281F5 BIG-IP Next Central Manager SQL Injection
New- 114284Nexus Repository 3.x < 3.68.1 Path Traversal
- 98036Client Certificate Authentication Detected
|
May 21, 2024, 11:00 AM Modified Detection- 112569OpenAPI Import Success
- 112570OpenAPI Import Failed
- 113078AngularJS Unsupported Version
- 113452WordPress Plugins Detected
- 98067Insecure Cross-Domain Policy (allow-access-from)
- 98068Insecure Cross-Domain Policy (allow-http-request-headers-from)
New- 114282Palo Alto PAN-OS GlobalProtect Remote Code Execution
|
May 16, 2024, 6:51 AM Modified Detection- 112544HTTP to HTTPS Redirect Not Enabled
- 113165Apache mod_negotiation Alternative Filename Disclosure
- 113219Insecure Redirect Chain
- 114006Web Cache Poisoning Denial of Service
- 114237Open Proxy
- 114281F5 BIG-IP Next Central Manager SQL Injection
- 98107Cross-Site Scripting (XSS) in path
- 98117Blind SQL Injection (differential analysis)
- 98119Blind NoSQL Injection (differential analysis)
New- 114280Automatic Plugin for WordPress < 3.92.1 Multiples Vulnerabilities
|
May 6, 2024, 6:58 AM Modified Detection- 114276Database Connection String Disclosure
New- 114275IBM Aspera Faspex < 4.4.2 PL2 Remote Code Execution
- 114277Ghost CMS < 5.42.1 Path Traversal
- 114278Vercel Source Code Exposure
- 114279Vmware vRealize Network Insight Command Injection
|
Apr 26, 2024, 6:15 AM Modified Detection- 113310Blind XPath Injection (differential analysis)
- 98008Web Application Firewall Detected
- 98117Blind SQL Injection (differential analysis)
- 98119Blind NoSQL Injection (differential analysis)
- 98136Target Information
New- 114274.NET HTTP Remoting Remote Code Execution
|
Apr 24, 2024, 7:42 AM Modified Detection- 114273CrushFTP < 10.7.1 / 11.x < 11.1.0 VFS Sandbox Escape
|
Apr 23, 2024, 3:22 PM Modified Detection- 114006Web Cache Poisoning Denial of Service
- 114273CrushFTP < 10.7.1 / 11.x < 11.1.0 VFS Sandbox Escape
New- 114263ReviewX Plugin for WordPress < 1.6.3 SQL Injection
- 114264One-click Countdowns Plugin for WordPress <= 0.6.2 SQL Injection
- 114265Events Made Easy Plugin for WordPress <= 2.3.14 SQL Injection
- 114266WP Popup Banners Plugin for WordPress <= 1.2.5 SQL Injection
- 114267Gift Cards (Gift Vouchers and Packages) Plugin for WordPress < 4.3.3 SQL Injection
- 114268Formidable PRO2PDF Plugin for WordPress < 3.11 SQL Injection
- 114269Django Debug Mode Enabled
- 114270PHP 8.3.x < 8.3.6 Multiple Vulnerabilities
- 114271PHP 8.2.x < 8.2.18 Multiple Vulnerabilities
- 114272PHP 8.1.x < 8.1.28 Multiple Vulnerabilities
|
Apr 22, 2024, 9:08 AM Modified Detection- 112552Deprecated Content Security Policy
- 112554Permissive Content Security Policy Detected
- 112569OpenAPI Import Success
- 112570OpenAPI Import Failed
- 114237Open Proxy
- 98715Permissive HTTP Strict Transport Security Policy Detected
New- 114259Adobe ColdFusion Arbitrary File Read
- 114260Keycloak Information Disclosure
- 114261WSO2 Management Console Cross-Site Scripting
- 114262Request URL Override
|
Apr 12, 2024, 6:28 AM Modified Detection- 114238Atlassian Confluence < 7.19.20 Path Traversal
- 114239Atlassian Confluence 7.20.x < 8.5.7 Path Traversal
- 114240Atlassian Confluence 8.6.x < 8.8.1 Path Traversal
New- 114245OpenCMS < 10.5.1 Multiples Vulnerabilities
- 114250Apache Superset < 2.1.0 Hardcoded Secret Key
- 114251Oracle Reports Servlet Arbitrary File Read
- 114252WordPress 6.1.x < 6.1.6 Cross-Site Scripting
- 114253WordPress 6.2.x < 6.2.5 Cross-Site Scripting
- 114254WordPress 6.3.x < 6.3.4 Cross-Site Scripting
- 114255WordPress 6.4.x < 6.4.4 Cross-Site Scripting
- 114256WordPress 6.5.x < 6.5.2 Cross-Site Scripting
- 114257Quarkus DevMode Enabled
- 114258LayerSlider Plugin for WordPress 7.9.11 < 7.10.1 SQL Injection
|
Apr 9, 2024, 6:35 AM Modified Detection- 113010API Key Authentication Succeeded
- 113011API Key Authentication Failed
- 113012Bearer Token Authentication Succeeded
- 113013Bearer Token Authentication Failed
- 114247Authentication Check Pattern Found in Unauthenticated Browser
- 98034Login Form Authentication Failed
- 98035Login Form Authentication Succeeded
- 98139Cookie Authentication Succeeded
- 98140Cookie Authentication Failed
- 98141Selenium Authentication Succeeded
- 98142Selenium Authentication Failed
New- 114245OpenCMS < 10.5.1 Multiples Vulnerabilities
- 114246OpenCMS < 16.0 Multiples Vulnerabilities
- 114248Pentaho Business Server Server-Side Template Injection
- 114249Apache 2.4.x < 2.4.59 Multiple Vulnerabilities
|
Apr 3, 2024, 4:03 PM |
Apr 2, 2024, 8:49 AM Modified Detection- 113117Magento Administration Panel Login Form Bruteforced
- 114043Adobe ColdFusion Improper Access Control
- 98642Magento Administration Panel Login Form Detected
- 98715Permissive HTTP Strict Transport Security Policy Detected
New- 114243Adobe ColdFusion < 2021 Update 12 / < 2023 Update 6 Cross-Site Scripting
- 114244Payment Form Detected
|
Mar 25, 2024, 8:46 AM Modified Detection- 112526Missing 'X-XSS-Protection' Header
- 112527Disabled 'X-XSS-Protection' Header
- 112529Missing 'X-Content-Type-Options' Header
- 112535HTTP Strict Transport Security Policy Detected
- 112551Missing Content Security Policy
- 112552Deprecated Content Security Policy
- 112553Missing 'Cache-Control' Header
- 112554Permissive Content Security Policy Detected
- 112555Report Only Content Security Policy Detected
- 113333Duplicate HTTP Headers Detected
- 114042Adobe ColdFusion Remote Code Execution
- 114224Serialized Data Detected
- 114237Open Proxy
- 114238Atlassian Confluence < 7.19.20 Path Traversal
- 114239Atlassian Confluence 7.20.x < 8.5.7 Path Traversal
- 114240Atlassian Confluence 8.6.x < 8.8.1 Path Traversal
- 98057Insecure 'Access-Control-Allow-Origin' Header
- 98060Missing 'X-Frame-Options' Header
- 98084Directory Listing
- 98526Missing Permissions Policy
- 98527Missing Referrer Policy
- 98618HTTP Header Information Disclosure
- 98648Missing 'Content-Type' Header
- 98715Permissive HTTP Strict Transport Security Policy Detected
New- 114241PrestaShop 1.7.7.0 SQL injection
- 114242Adobe ColdFusion < 2021 Update 12 / < 2023 Update 6 Remote Code Execution
|
Mar 18, 2024, 8:50 AM Modified Detection- 112920GraphQL Cross-Site Request Forgery
- 113158Package Dependencies Detected
- 113162MySQLjs SQL Injection Authentication Bypass
- 113310Blind XPath Injection (differential analysis)
- 113337NoSQL Injection Authentication Bypass
- 114006Web Cache Poisoning Denial of Service
- 98056Missing HTTP Strict Transport Security Policy
- 98112Cross-Site Request Forgery
- 98114XPath Injection
- 98117Blind SQL Injection (differential analysis)
- 98119Blind NoSQL Injection (differential analysis)
- 98642Magento Administration Panel Login Form Detected
New- 114230Sangfor NGAF Authentication Bypass
- 114231Cisco IOS XE Remote Code Execution
- 114232PHP Development Server < 7.4.22 Source Disclosure
- 114233Apache Tomcat 11.0.0-M1 < 11.0.0-M17 Denial Of Service
- 114234Apache Tomcat 10.1.0-M1 < 10.1.19 Denial Of Service
- 114235Apache Tomcat 9.0.0-M1 < 9.0.86 Denial Of Service
- 114236Apache Tomcat 8.5.x < 8.5.99 Denial Of Service
|
Mar 13, 2024, 6:13 AM Modified Detection- 112290Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities
- 112295Apache Tomcat 9.0.0.M1 < 9.0.0.M22 Multiple Vulnerabilities
- 112543HTTPS Not Detected
- 113075Apache Log4j Remote Code Execution (Log4Shell)
- 113158Package Dependencies Detected
- 113168Docker Compose Configuration Detected
- 113217Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell)
- 113420Nginx < 1.22.1 Multiple Vulnerabilities
- 113421Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities
- 113838WooCommerce Payments Plugin for WordPress 5.6.x < 5.6.2 Authentication Bypass
- 114031WooCommerce Payments Plugin for WordPress 6.3.x < 6.3.2 Authentication Bypass
- 114032WooCommerce Payments Plugin for WordPress 6.2.x < 6.2.2 Authentication Bypass
- 114033WooCommerce Payments Plugin for WordPress 5.5.x < 5.5.2 Authentication Bypass
- 114034WooCommerce Payments Plugin for WordPress 5.4.x < 5.4.1 Authentication Bypass
- 114035WooCommerce Payments Plugin for WordPress 5.3.x < 5.3.1 Authentication Bypass
- 114036WooCommerce Payments Plugin for WordPress 5.2.x < 5.2.2 Authentication Bypass
- 114037WooCommerce Payments Plugin for WordPress 5.1.x < 5.1.3 Authentication Bypass
- 114038WooCommerce Payments Plugin for WordPress 5.0.x < 5.0.4 Authentication Bypass
- 114039WooCommerce Payments Plugin for WordPress 4.9.x < 4.9.1 Authentication Bypass
- 114040WooCommerce Payments Plugin for WordPress 4.8.x < 4.8.2 Authentication Bypass
- 114108Strapi < 4.8.0 Private Fields Sensitive Information Disclosure
- 114129Secret Data Disclosure
- 114143Node-config Configuration File Detected
- 114224Serialized Data Detected
- 98060Missing 'X-Frame-Options' Header
- 98117Blind SQL Injection (differential analysis)
- 98607Ultimate Member Plugin for WordPress < 2.0.46 Multiple Vulnerabilities
- 98642Magento Administration Panel Login Form Detected
- 98950Nginx < 1.4.1 ngx_http_proxy_module.c Multiple Vulnerabilities
- 98951Nginx < 1.2.9 ngx_http_proxy_module.c Multiple Vulnerabilities
New- 114225JetBrains TeamCity < 2023.11.4 Authentication Bypass
- 114226LiteSpeed Cache Plugin for WordPress < 5.7.0.1 Cross-Site Scripting
- 114227Ultimate Member Plugin for WordPress < 2.8.3 SQL Injection
- 114228PyTorch Serve Server-Side Request Forgery
- 114229Popup Builder Plugin for WordPress < 4.2.3 Cross-Site Scripting
|
Mar 6, 2024, 7:34 AM Modified Detection- 113075Apache Log4j Remote Code Execution (Log4Shell)
- 114223HTTP Request Smuggling
- 114224Serialized Data Detected
- 98117Blind SQL Injection (differential analysis)
- 98119Blind NoSQL Injection (differential analysis)
- 98607Ultimate Member Plugin for WordPress < 2.0.46 Multiple Vulnerabilities
New- 114225JetBrains TeamCity < 2023.11.4 Authentication Bypass
- 114226LiteSpeed Cache Plugin for WordPress < 5.7.0.1 Cross-Site Scripting
- 114227Ultimate Member Plugin for WordPress < 2.8.3 SQL Injection
|
Feb 27, 2024, 9:34 AM Modified Detection- 114214ConnectWise ScreenConnect < 23.9.8 Authentication Bypass
- 114220Atlassian Confluence < 7.19.18 Cross-Site Scripting
- 114221Atlassian Confluence 8.7.x < 8.7.2 Cross-Site Scripting
- 114222Atlassian Confluence 7.20.x < 8.5.5 Cross-Site Scripting
- 98047Allowed HTTP Methods
- 98117Blind SQL Injection (differential analysis)
New- 114219HTTP/2 Cleartext Upgrade Support Detected
|
Feb 21, 2024, 11:56 AM Modified Detection- 112705Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.4.0 / 14.1.1.0.0 Authentication Bypass
- 113010API Key Authentication Succeeded
- 113011API Key Authentication Failed
- 113012Bearer Token Authentication Succeeded
- 113013Bearer Token Authentication Failed
- 113310Blind XPath Injection (differential analysis)
- 113580Web Cache Deception
- 114006Web Cache Poisoning Denial of Service
- 114145Apache OFBiz Authentication Bypass
- 114214ConnectWise ScreenConnect < 23.9.8 Authentication Bypass
- 98034Login Form Authentication Failed
- 98035Login Form Authentication Succeeded
- 98117Blind SQL Injection (differential analysis)
- 98119Blind NoSQL Injection (differential analysis)
- 98139Cookie Authentication Succeeded
- 98140Cookie Authentication Failed
- 98141Selenium Authentication Succeeded
- 98142Selenium Authentication Failed
New- 114211GraphQL Batching
- 114212Lead Generated Plugin for WordPress < 1.25 Insecure Deserialization
- 114213BuddyForms Plugin for WordPress < 2.7.8 Insecure Deserialization
- 114215Apache Tomcat 9.0.0-M11 < 9.0.44 Request Smuggling
- 114216Apache Tomcat 8.5.7 < 8.5.64 Request Smuggling
- 114217Joomla! 5.x < 5.0.3 Multiple Vulnerabilities
- 114218Joomla! 1.5.x < 4.4.3 Multiple Vulnerabilities
|
Feb 19, 2024, 10:57 AM Modified Detection- 114203Ivanti Connect Secure 9.x / 22.x XML External Entity
New- 114207Nginx 1.25.x < 1.25.4 Multiple Vulnerabilities
- 114208InPost Gallery Plugin for WordPress < 2.1.4.2 Cross-Site Scripting
- 114209Bulk Price Update for Woocommerce Plugin for WordPress < 2.2.2 Cross-Site Scripting
- 114210Meta Data and Taxonomies Filter Plugin for WordPress < 1.3.1 Cross-Site Scripting
|
Feb 15, 2024, 7:42 AM Modified Detection- 114027WP Fastest Cache Plugin for WordPress < 1.1.3 Multiple Vulnerabilities
- 114122Appwrite Server-Side Request Forgery
- 114164Stripe Payment Plugin for WooCommerce Plugin for WordPress < 3.8.0 SQL Injection
- 114203Ivanti Connect Secure 9.x / 22.x XML External Entity
New- 114204My Calendar Plugin for WordPress < 3.4.22 SQL Injection
- 114205Html5 Video Player Plugin for WordPress < 2.5.25 SQL Injection
- 114206RStudio Connect < 2023.05 Open Redirect
|
