Mar 28, 2025, 9:13 AM Modified Detection- 112541SSL/TLS Certificate Common Name Mismatch
- 113123Dockerfile Detected
- 113168Docker Compose Configuration Detected
- 113943Disclosed Hong Kong Identity Number
- 114006Web Cache Poisoning Denial of Service
- 114434Flask Weak Secret Key
- 98920Disclosed US Social Security Number
New- 114669JFrog Artifactory Anonymous Deployment Detected
- 114680Age Gates Plugin for WordPress < 3.5.4 Local File Inclusion
- 114681Next.js 11.1.4 <= 13.5.6 Authorization Bypass
- 114682Next.js 14.x < 14.2.25 Authorization Bypass
- 114683Next.js 15.x < 15.2.3 Authorization Bypass
|
Mar 24, 2025, 12:29 PM Modified Detection- 114386External Broken Resources Detected
New- 114669JFrog Artifactory Anonymous Deployment Detected
- 114674ServiceNow SAML Single Sign-On Bypass
- 114675ServiceNow Public Knowledge Base Detected
- 114676Drupal 11.1.x < 11.1.5 Cross-Site Scripting
- 114677Drupal 11.0.x < 11.0.13 Cross-Site Scripting
- 114678Drupal 10.4.x < 10.4.5 Cross-Site Scripting
- 114679Drupal 8.0.x < 10.3.14 Cross-Site Scripting
- 114680Age Gates Plugin for WordPress < 3.5.4 Local File Inclusion
- 114681Next.js 11.1.4 <= 13.5.6 Authorization Bypass
- 114682Next.js 14.x < 14.2.25 Authorization Bypass
- 114683Next.js 15.x < 15.2.3 Authorization Bypass
|
Mar 18, 2025, 7:49 AM Modified Detection- 112907GraphQL Interface Detected
- 114400Apache OFBiz < 18.12.11 Server-Side Request Forgery
- 114621Docker Public Registry Detected
- 98117Blind SQL Injection (differential analysis)
New- 114661Nokri – Job Board Theme for WordPress < 1.6.3 Arbitrary Password Change
- 114662SEO Automatic Seo Tools Plugin for WordPress Cross-Site Scripting
- 114663HUSKY (formerly WOOF) Plugin for WordPress < 1.3.6.6 Path Traversal
- 114664WHMPress Plugin for WordPress < 6.3-revision-1 Local File Inclusion
- 114665Joomla! 5.x < 5.2.5 Arbitrary File Upload
- 114666Joomla! 4.x < 4.4.12 Arbitrary File Upload
- 114667FlowiseAI Arbitrary File Upload
- 114668Langflow Unauthenticated Remote Code Execution
- 114670PHP 8.4.x < 8.4.5 Multiple Vulnerabilities
- 114671PHP 8.3.x < 8.3.19 Multiple Vulnerabilities
- 114672PHP 8.2.x < 8.2.28 Multiple Vulnerabilities
- 114673PHP 8.1.x < 8.1.32 Multiple Vulnerabilities
|
Mar 12, 2025, 8:08 AM New- 114653Ngrok Detected
- 114654ConnectWise ScreenConnect Detected
- 114655SimpleHelp Detected
- 114656Apache Tomcat 11.0.0-M1 < 11.0.3 Remote Code Execution
- 114657Apache Tomcat 10.1.0-M1 < 10.1.35 Remote Code Execution
- 114658Apache Tomcat 9.0.0-M1 < 9.0.99 Remote Code Execution
- 114659SimpleHelp Unauthenticated Path Traversal
- 114660SPIP CMS < 4.1.16 / 4.2.x < 4.2.13 / 4.3.x < 4.3.0-alpha2 Remote Code Execution
|
Mar 11, 2025, 7:30 AM Modified Detection- 114129Secret Data Disclosure
- 114614CraftCMS < 4.13.2 / 5.x < 5.5.2 Remote Code Execution
- 114621Docker Public Registry Detected
- 98104Cross-Site Scripting (XSS)
- 98117Blind SQL Injection (differential analysis)
- 98538Environment Configuration File Detected
New- 114609Essential Addons for Elementor Plugin for WordPress < 6.0.15 Cross-Site Scripting
- 114615Username Disclosure
- 114616GitLab Public Sign-Up Detected
- 114617GitLab Public Projects Detected
- 114618GiveWP Plugin for WordPress < 3.20.0 Remote Code Execution
- 114619GitLab Public Snippets Detected
- 114620RustDesk Console Detected
- 114622LiteLLM Detected
- 114623LiteLLM < 1.48.18 Server-Side Request Forgery
- 114624RustDesk Console Default Credentials
- 114625LiteLLM Default Credentials
- 114626RustDesk API Admin Detected
- 114627RustDesk API Admin Registration Enabled
- 114628VNC Viewer for Java Detected
- 114629Newscrunch Plugin for WordPress < 1.8.4.1 Arbitrary File Upload
- 114630OpenVPN Access Server Detected
- 114631Kibana 8.15.x < 8.17.3 Prototype Pollution
- 114632Kibana 7.x < 7.17.23 Multiples Denial Of Service
- 114633Kibana 8.x < 8.15.0 Multiples Vulnerabilities
- 114634Kibana 7.x < 7.17.23 Multiples Vulnerabilities
- 114635Kibana 8.x < 8.14.2 Multiples Vulnerabilities
- 114636Kibana 8.15.x < 8.15.1 Multiples Vulnerabilities
- 114637Kibana 8.x < 8.14.0 Denial Of Service
- 114638Kibana 7.x < 7.17.23 Denial Of Service
- 114639Kibana 8.x < 8.14.0 Multiples Vulnerabilities
- 114640Kibana 7.x < 7.17.22 Multiples Vulnerabilities
- 114641Kibana 8.x < 8.11.2 Insertion of Sensitive Information into Log File
- 114642Kibana 7.13.x < 7.17.16 Insertion of Sensitive Information into Log File
- 114643Kibana 8.x < 8.11.1 Insertion of Sensitive Information into Log File
- 114644Kibana 8.x < 8.10.1 Insertion of Sensitive Information into Log File
- 114645Kibana 8.x < 8.7.1 Multiples Vulnerabilities
- 114646TSPlus Detected
- 114647Apache Guacamole Detected
- 114648Pritunl Detected
- 114649Sitecore XM/XP Remote Code Execution
- 114650BeyondTrust Remote Support Detected
- 114651AirDroid Detected
- 114652SonicWall SonicOS SSLVPN Authentication Bypass
|
Mar 3, 2025, 7:38 AM Modified Detection- 114166SOAP API Detected
- 114614CraftCMS < 4.13.2 / 5.x < 5.5.2 Remote Code Execution
New- 114608REST API Detected
- 114609Essential Addons for Elementor Plugin for WordPress < 6.0.15 Cross-Site Scripting
- 114610ASP.NET Cookieless Session State Enabled
- 114611Azure Entra ID Identity Provider Detected
- 114612NAKIVO Backup & Replication < 11.0.0.88174 Arbitrary File Read
- 114613Auth0 Identity Provider Detected
|
Feb 25, 2025, 7:32 AM Modified Detection- 113078AngularJS Unsupported Version
- 98083CAPTCHA Detection
- 98113XML External Entity
- 98228Drupal Unsupported Version
New- 114596Atlassian Jira UserPickerBrowser Information Disclosure
- 114598Palo Alto PAN-OS Authentication Bypass
- 114599DWT - Directory & Listing Theme for WordPress < 3.3.4 Cross-Site Scripting
- 114600Atlassian Jira Managefilters Information Disclosure
- 114601Atlassian Jira Public Dashboard Detected
- 114602Joomla! 5.x < 5.2.4 SQL injection
- 114603Joomla! 4.x < 4.4.11 SQL injection
- 114604Drupal 11.1.x < 11.1.3 Multiple Vulnerabilities
- 114605Drupal 11.0.x < 11.0.12 Multiple Vulnerabilities
- 114606Drupal 10.4.x < 10.4.3 Multiple Vulnerabilities
- 114607Drupal 8.0.x < 10.3.13 Multiple Vulnerabilities
|
Feb 12, 2025, 8:43 AM Modified Detection- 113031Out-of-Date JQuery UI Detected
- 113034Out-of-Date MediaElement.Js Detected
New- 114412WebSocket Unencrypted Traffic
- 114586LobeChat < 1.19.13 Server-Side Request Forgery
- 114587LobeChat < 0.162.25 Sensitive Data Exposure
- 114588LobeChat < 0.150.6 Server-Side Request Forgery
- 114589LobeChat < 0.122.4 Improper Access Control
- 114591GSheetConnector for Forminator Forms for WordPress Cross-Site Scripting
- 114592Multilang Contact Form Plugin for WordPress Cross-Site Scripting
- 114593Build Private Store For Woocommerce Plugin for WordPress < 1.1 Cross-Site Request Forgery
- 114594Nginx 1.27.x < 1.27.4 SSL Session Reuse
- 114595Nginx 1.11.4 < 1.26.3 SSL Session Reuse
- 114596Atlassian Jira UserPickerBrowser Information Disclosure
- 114597Atlassian Confluence Public Space Detected
|
Feb 3, 2025, 8:23 AM New- 114584Drupal Full Path Disclosures
- 114585LobeChat Detected
- 114586LobeChat < 1.19.13 Server-Side Request Forgery
- 114587LobeChat < 0.162.25 Sensitive Data Exposure
- 114588LobeChat < 0.150.6 Server-Side Request Forgery
- 114589LobeChat < 0.122.4 Improper Access Control
- 114590Microsoft Exchange Autodiscover V2 User Enumeration
|
Jan 29, 2025, 8:07 AM Modified Detection- 113162MySQLjs SQL Injection Authentication Bypass
- 113337NoSQL Injection Authentication Bypass
- 98117Blind SQL Injection (differential analysis)
New- 114572DNS Dangling Record
- 114581Masa CMS < 7.2.1 Path Traversal
- 114582Masa CMS < 7.2.5 / 7.3.x < 7.3.10 Authentication Bypass
- 114583Masa CMS Default Credentials
|
Jan 28, 2025, 7:36 AM Modified Detection- 113158Package Dependencies Detected
- 114146Subdomain Takeover
New- 114567Oak Server < 17.1.3 Path Traversal
- 114568GitHub Workflow Detected
- 114569Atlassian BitBucket Public Repository Detected
- 114570Envoy Admin Interface Exposed
- 114571Istio Sensitive Information Disclosure
- 114572DNS Dangling Record
- 114573Microsoft Remote Desktop Web Access Detected
- 114574Spring Framework 5.3.x < 5.3.40 / 6.0.x < 6.0.24 / 6.1.x < 6.1.13 Path Traversal
- 114575Ollama Multiples Vulnerabilities
- 114576Ollama < 0.4.0 Remote Code Execution
- 114577Ollama < 0.1.47 Path Traversal
- 114578Ollama < 0.1.46 Multiples Vulnerabilities
- 114579Ollama < 0.1.34 Multiples Vulnerabilities
- 114580Ollama < 0.1.29 DNS Rebinding
|
Jan 20, 2025, 8:50 AM Modified Detection- 113310Blind XPath Injection (differential analysis)
- 113943Disclosed Hong Kong Identity Number
- 98119Blind NoSQL Injection (differential analysis)
|
Jan 17, 2025, 9:29 AM Modified Detection- 112526Missing 'X-XSS-Protection' Header (deprecated)
- 113943Disclosed Hong Kong Identity Number
- 114029Well-Known URIs Detected
- 114146Subdomain Takeover
- 114258LayerSlider Plugin for WordPress 7.9.11 < 7.10.1 SQL Injection
- 98070Common Administration Interfaces Detection
- 98071Common Files Detection
- 98109DOM-based Cross-Site Scripting (XSS)
New- 114543Plugin Telemetry
- 114550Joomla! 5.x < 5.2.3 Multiple Vulnerabilities
- 114551Roundcube Webmail < 1.4.14 Cross-Site-Scripting
- 114552Roundcube Webmail 1.5.x < 1.5.4 Cross-Site-Scripting
- 114553Roundcube Webmail 1.6.x < 1.6.3 Cross-Site-Scripting
- 114554Roundcube Webmail 1.5.x < 1.5.8 Multiples Vulnerabilities
- 114555Roundcube Webmail 1.6.x < 1.6.8 Multiples Vulnerabilities
- 114556Roundcube Webmail 1.5.x < 1.5.7 Multiples Vulnerabilities
- 114557Roundcube Webmail 1.6.x < 1.6.7 Multiples Vulnerabilities
- 114558Roundcube Webmail 1.5.x < 1.5.6 Cross-Site-Scripting
- 114559Roundcube Webmail 1.6.x < 1.6.5 Cross-Site-Scripting
- 114560Roundcube Webmail < 1.4.15 Cross-Site-Scripting
- 114561Roundcube Webmail 1.5.x < 1.5.5 Cross-Site-Scripting
- 114562Roundcube Webmail 1.6.x < 1.6.4 Cross-Site-Scripting
- 114563GiveWP Plugin for WordPress < 3.19.4 Remote Code Execution
- 114564Content Security Policy Permissive Sources
- 114565Joomla! 4.x < 4.4.10 Multiple Vulnerabilities
- 114566Joomla! 3.x < 3.10.20 Multiple Vulnerabilities
|
Jan 7, 2025, 8:44 AM Modified Detection- 112526Missing 'X-XSS-Protection' Header (deprecated)
- 112541SSL/TLS Certificate Common Name Mismatch
- 112907GraphQL Interface Detected
- 113031Out-of-Date JQuery UI Detected
- 113034Out-of-Date MediaElement.Js Detected
- 113059OPcache UI Detected
- 113078AngularJS Unsupported Version
- 113123Dockerfile Detected
- 113158Package Dependencies Detected
- 113162MySQLjs SQL Injection Authentication Bypass
- 113168Docker Compose Configuration Detected
- 113310Blind XPath Injection (differential analysis)
- 113337NoSQL Injection Authentication Bypass
- 113943Disclosed Hong Kong Identity Number
- 114006Web Cache Poisoning Denial of Service
- 114029Well-Known URIs Detected
- 114129Secret Data Disclosure
- 114146Subdomain Takeover
- 114166SOAP API Detected
- 114258LayerSlider Plugin for WordPress 7.9.11 < 7.10.1 SQL Injection
- 114386External Broken Resources Detected
- 114400Apache OFBiz < 18.12.11 Server-Side Request Forgery
- 114434Flask Weak Secret Key
- 114549Apache Struts < 6.4.0 Unrestricted File Upload (S2-067)
- 98070Common Administration Interfaces Detection
- 98071Common Files Detection
- 98083CAPTCHA Detection
- 98100Path Traversal
- 98104Cross-Site Scripting (XSS)
- 98107Cross-Site Scripting (XSS) in path
- 98109DOM-based Cross-Site Scripting (XSS)
- 98110DOM-based Cross-Site Scripting (XSS) in attribute context
- 98113XML External Entity
- 98115SQL Injection
- 98117Blind SQL Injection (differential analysis)
- 98119Blind NoSQL Injection (differential analysis)
- 98228Drupal Unsupported Version
- 98538Environment Configuration File Detected
- 98611Error Message
- 98920Disclosed US Social Security Number
New- 114546Apache Tomcat 11.0.0-M1 < 11.0.2 Multiple Vulnerabilities
- 114547Apache Tomcat 10.1.0-M1 < 10.1.34 Multiple Vulnerabilities
- 114548Apache Tomcat 9.0.0-M1 < 9.0.98 Multiple Vulnerabilities
|
Dec 23, 2024, 1:24 PM Modified Detection- 112290Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities
- 98107Cross-Site Scripting (XSS) in path
- 98109DOM-based Cross-Site Scripting (XSS)
- 98110DOM-based Cross-Site Scripting (XSS) in attribute context
New- 114546Apache Tomcat 11.0.0-M1 < 11.0.2 Multiple Vulnerabilities
- 114547Apache Tomcat 10.1.0-M1 < 10.1.34 Multiple Vulnerabilities
- 114548Apache Tomcat 9.0.0-M1 < 9.0.98 Multiple Vulnerabilities
|
Dec 19, 2024, 7:27 AM Modified Detection- 112290Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities
- 112719Client-Side Prototype Pollution
- 112726Apache Struts 2.3.5 < 2.3.32 / 2.5.x < 2.5.10.1 Remote Code Execution (S2-045 / S2-046)
- 112727Apache Struts 2.0.4 < 2.3.35 / 2.5.x < 2.5.17 Remote Code Execution (S2-057)
- 112741Apache Struts 2.x < 2.3.15.1 Remote Code Execution (S2-016)
- 112742Apache Struts 2 < 2.3.29 DevMode Remote Code Execution
- 112760Apache Struts 2 Demo Application Detected
- 112762Apache Struts 2 < 2.3.33 Remote Code Execution (S2-048)
- 112763Apache Struts 2.1.6 < 2.3.34 / 2.5 < 2.5.13 Remote Code Execution (S2-052)
- 114129Secret Data Disclosure
- 114469CyberPanel < 2.3.8 Remote Command Execution
- 98115SQL Injection
New- 114542Cleo < 5.8.0.21 Unrestricted File Read/Upload
- 114544Cleo < 5.8.0.24 Unrestricted File Upload
- 114545Hunk Companion Plugin for WordPress < 1.9.0 Arbitrary Plugin Installation
|
Dec 10, 2024, 7:32 AM Modified Detection- 114469CyberPanel < 2.3.8 Remote Command Execution
New- 114524Ivanti EPM XML External Entity
- 114529GeoServer 2.10.0 < 2.24.4 Sensitive Information Exposure
- 114530GeoServer 2.25.0 < 2.25.1 Sensitive Information Exposure
- 114531GeoServer < 2.23.5 Path Traversal
- 114532GeoServer 2.24.0 < 2.24.3 Path Traversal
- 114533GeoServer 2.24.0 < 2.24.2 Path Traversal
- 114534GeoServer < 2.23.4 Multiples Vulnerabilities
- 114535GeoServer 2.24.0 < 2.24.1 Multiples Vulnerabilities
- 114536GeoServer < 2.23.4 Path Traversal
- 114537GeoServer < 2.23.3 Multiples Vulnerabilities
- 114538GeoServer < 2.22.5 Multiples Vulnerabilities
- 114539GeoServer 2.23.0 < 2.23.1 Multiples Vulnerabilities
- 114540GeoServer < 2.19.6 Insecure Deserialization
- 114541GeoServer 2.20.0 < 2.20.4 Insecure Deserialization
|
Dec 3, 2024, 8:16 AM Modified Detection- 114129Secret Data Disclosure
- 114223HTTP Request Smuggling
- 98077Private IP Address Disclosure
- 98623Host Header Injection
New- 114524Ivanti EPM XML External Entity
- 114525Spring Eureka Detected
- 114526Spam protection, Anti-Spam, FireWall by CleanTalk Plugin for WordPress < 6.45 Authorization Bypass
- 114527Spam protection, Anti-Spam, FireWall by CleanTalk Plugin for WordPress < 6.44 Authorization Bypass
- 114528PhpSysInfo Detected
|
Nov 26, 2024, 7:19 AM Modified Detection- 113158Package Dependencies Detected
- 114129Secret Data Disclosure
- 114503Virtual Hosts Detected
- 98067Insecure Cross-Domain Policy (allow-access-from)
- 98068Insecure Cross-Domain Policy (allow-http-request-headers-from)
New- 114512Really Simple Security Plugin for WordPress 9.x < 9.1.2 Authentication Bypass
- 114514Palo Alto PAN-OS GlobalProtect Authentication Bypass
- 114515Surecart Plugin for WordPress < 2.30.0 SQL Injection
- 114516PHP 8.3.x < 8.3.14 Multiple Vulnerabilities
- 114517PHP 8.2.x < 8.2.26 Multiple Vulnerabilities
- 114518PHP 8.1.x < 8.1.31 Multiple Vulnerabilities
- 114519Drupal 11.0.x < 11.0.8 Multiple Vulnerabilities
- 114520Drupal 10.3.x < 10.3.9 Multiple Vulnerabilities
- 114521Drupal 10.2.x < 10.2.11 Multiple Vulnerabilities
- 114522Drupal 7.x < 7.102 Multiple Vulnerabilities
- 114523Sitecore 8.x < 10.4 Arbitrary File Read
|
Nov 20, 2024, 7:36 AM Modified Detection- 114143Node-config Configuration File Detected
- 114400Apache OFBiz < 18.12.11 Server-Side Request Forgery
- 114497Symfony < 5.4.46 / 6.x < 6.4.14 / 7.x < 7.1.7 Improper Input Handling
- 114503Virtual Hosts Detected
New- 114502Cross-Site WebSocket Hijacking
- 114504Opti Marketing Plugin for WordPress <= 2.0.9 SQL Injection
- 114505HTTP Hop-By-Hop Headers Detected
- 114506Apache Tomcat 11.0.0 Cross-Site Scripting
- 114507Apache Tomcat 10.1.31 Cross-Site Scripting
- 114508Apache Tomcat 9.0.96 Cross-Site Scripting
- 114509Apache Tomcat 11.0.0-M1 < 11.0.0 Multiple Vulnerabilities
- 114510Apache Tomcat 10.1.0-M1 < 10.1.31 Multiple Vulnerabilities
- 114511Apache Tomcat 9.0.0-M1 < 9.0.96 Multiple Vulnerabilities
- 114512Really Simple Security Plugin for WordPress 9.x < 9.1.2 Authentication Bypass
- 114513Ivanti Cloud Services Appliance < 4.6 patch 519 Path Traversal
|
Nov 14, 2024, 7:27 AM Modified Detection- 112353ASP.NET DEBUG Method Enabled
- 112920GraphQL Cross-Site Request Forgery
- 113219Insecure Redirect Chain
- 114143Node-config Configuration File Detected
- 114223HTTP Request Smuggling
- 114400Apache OFBiz < 18.12.11 Server-Side Request Forgery
- 114497Symfony < 5.4.46 / 6.x < 6.4.14 / 7.x < 7.1.7 Improper Input Handling
New- 114499Apache APISIX Dashboard < 2.10.1 Authentication Bypass
- 114500Apache APISIX Dashboard Default Credentials
- 114501jQuery < 1.9.0 Cross-Site Scripting
|
Nov 8, 2024, 9:56 AM Modified Detection- 113897HTML Comments Detected
- 114129Secret Data Disclosure
- 114223HTTP Request Smuggling
- 114386External Broken Resources Detected
- 114466Path Relative Stylesheet Import
- 114497Symfony < 5.4.46 / 6.x < 6.4.14 / 7.x < 7.1.7 Improper Input Handling
|
Nov 5, 2024, 8:43 AM Modified Detection- 113897HTML Comments Detected
- 114129Secret Data Disclosure
- 114468SonarQube Public Projects Detected
- 114469CyberPanel < 2.3.8 Remote Command Execution
New- 114470Mastodon < 4.1.20 Regular Expression Denial of Service
- 114471Mastodon 4.2.x < 4.2.13 Regular Expression Denial of Service
- 114472Mastodon < 4.1.18 Multiples Vulnerabilities
- 114473Mastodon 4.2.x < 4.2.10 Multiples Vulnerabilities
- 114474Mastodon < 4.1.17 Multiples Vulnerabilities
- 114475Mastodon 4.2.x < 4.2.9 Multiples Vulnerabilities
- 114476Mastodon < 3.5.19 Unrestricted File Upload
- 114477Mastodon 4.0.x < 4.0.15 Unrestricted File Upload
- 114478Mastodon 4.1.x < 4.1.15 Unrestricted File Upload
- 114479Mastodon 4.2.x < 4.2.7 Unrestricted File Upload
- 114480Mastodon < 3.5.17 Authentication Bypass
- 114481Mastodon < 4.1.13 Authentication Bypass
- 114482Mastodon < 4.2.5 Authentication Bypass
- 114483Mastodon < 3.5.18 Multiples Vulnerabilities
- 114484Mastodon 4.0.x < 4.0.14 Multiples Vulnerabilities
- 114485Mastodon 4.1.x < 4.1.14 Multiples Vulnerabilities
- 114486Mastodon 4.2.x < 4.2.6 Multiples Vulnerabilities
- 114487Mastodon < 3.5.14 Multiples Vulnerabilities
- 114488Mastodon < 4.0.10 Multiples Vulnerabilities
- 114489Mastodon < 4.1.8 Multiples Vulnerabilities
- 114490Mastodon < 3.5.9 Multiples Vulnerabilities
- 114491Mastodon 4.0.x < 4.0.5 Multiples Vulnerabilities
- 114492Mastodon 4.1.x < 4.1.3 Multiples Vulnerabilities
- 114493Mastodon 2.5.0 < 3.5.8 LDAP injection
- 114494Mastodon 4.0.x < 4.0.4 LDAP injection
- 114495Mastodon 4.1.x < 4.1.2 LDAP injection
- 114496Apache Solr 5.3.0 < 8.11.4 / 9.x < 9.7.0 Authentication Bypass
|
Oct 31, 2024, 8:24 AM Modified Detection- 114466Path Relative Stylesheet Import
- 114469CyberPanel < 2.3.8 Remote Command Execution
|
Oct 29, 2024, 7:27 AM Modified Detection- 114466Path Relative Stylesheet Import
- 114468SonarQube Public Projects Detected
New- 114460Clockwork Detected
- 114461Clockwork Unrestricted Access
- 114462SuiteCRM < 7.14.4 / 8.x < 8.6.1 SQL Injection
- 114463Robomongo File Detected
- 114464SSH Authorized Keys File Detected
- 114465SSH id_rsa File Detected
- 114467Danswer < 0.10.0-beta.1 Insecure Direct Object Reference
|
Oct 21, 2024, 7:11 AM Modified Detection- 113217Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell)
- 113838WooCommerce Payments Plugin for WordPress 5.6.x < 5.6.2 Authentication Bypass
- 114031WooCommerce Payments Plugin for WordPress 6.3.x < 6.3.2 Authentication Bypass
- 114032WooCommerce Payments Plugin for WordPress 6.2.x < 6.2.2 Authentication Bypass
- 114033WooCommerce Payments Plugin for WordPress 5.5.x < 5.5.2 Authentication Bypass
- 114034WooCommerce Payments Plugin for WordPress 5.4.x < 5.4.1 Authentication Bypass
- 114035WooCommerce Payments Plugin for WordPress 5.3.x < 5.3.1 Authentication Bypass
- 114036WooCommerce Payments Plugin for WordPress 5.2.x < 5.2.2 Authentication Bypass
- 114037WooCommerce Payments Plugin for WordPress 5.1.x < 5.1.3 Authentication Bypass
- 114038WooCommerce Payments Plugin for WordPress 5.0.x < 5.0.4 Authentication Bypass
- 114039WooCommerce Payments Plugin for WordPress 4.9.x < 4.9.1 Authentication Bypass
- 114040WooCommerce Payments Plugin for WordPress 4.8.x < 4.8.2 Authentication Bypass
- 114129Secret Data Disclosure
- 98228Drupal Unsupported Version
New- 114449Dolibarr 16.x < 16.0.5 Database Download
- 114450Mura/Masa CMS SQL Injection
- 114451XWiki Platform 7.0 < 14.4.8 / 14.5 < 14.10.4 Remote Code Execution
- 114452SEOPress Plugin for WordPress < 7.9 PHP Object Injection
- 114453Atlassian Confluence < 7.19.25 Cross-Site Scripting
- 114454Atlassian Confluence 7.20.x < 8.5.11 Cross-Site Scripting
- 114455Atlassian Confluence 8.6.x < 8.9.3 Cross-Site Scripting
- 114456Drupal 10.2.x < 10.2.10 Improper Error Handling
- 114457Palo Alto Expedition < 1.2.96 Multiple Vulnerabilties
- 114458GiveWP Plugin for WordPress < 3.16.4 Remote Code Execution
- 114459Gradio < 4.37.1 Open Redirect
|
Oct 15, 2024, 6:35 AM Modified Detection- 114129Secret Data Disclosure
- 114247Authentication Check Pattern Found in Unauthenticated Browser
New- 114448Apache Tapestry Arbitrary File Read
|
Oct 3, 2024, 7:40 AM Modified Detection- 112550Full Path Disclosure
- 113393Performance Telemetry
- 114129Secret Data Disclosure
- 114439Express.js Cookie-Session Weak Secret Key
New- 114445PHP 8.3.x < 8.3.12 Multiple Vulnerabilities
- 114446PHP 8.2.x < 8.2.24 Multiple Vulnerabilities
- 114447PHP 8.1.x < 8.1.30 Multiple Vulnerabilities
|
Sep 26, 2024, 12:54 PM Modified Detection- 114283Unrestricted File Upload
New- 114441PowerPress Podcasting Plugin for WordPress 11.9.3 / 11.9.4 Injected Backdoor
- 114442Pods Plugin for WordPress 3.2.3 Injected Backdoor
- 114443Social Warfare Plugin for WordPress 4.4.6.4 < 4.4.7.3 Injected Backdoor
- 114444Apache OFBiz < 18.12.16 Remote Code Execution
|
Sep 24, 2024, 6:34 AM Modified Detection- 112686JSON Web Token Detected
- 114433Ivanti EPM RecordGoodApp SQL Injection
- 114434Flask Weak Secret Key
- 114439Express.js Cookie-Session Weak Secret Key
New- 114432Laravel Weak Secret Key
- 114435Django Weak Secret Key
- 114436Ruby On Rails Weak Secret Key
- 114437Pyramid Weak Secret Key
- 114438Express.js Express-Session Weak Secret Key
- 114440LiteSpeed Cache Plugin for WordPress < 6.5.0.1 Sensitive Information Exposure
|
Sep 17, 2024, 6:25 AM Modified Detection- 98538Environment Configuration File Detected
New- 114429Service Worker Detected
- 114430Next.js Remote Patterns Server-Side Request Forgery
- 114431Next.js < 14.1.1 Server Actions Server-Side Request Forgery
|
Sep 12, 2024, 9:21 AM New- 114428Sequelize Configuration File Detected
|
Sep 9, 2024, 1:31 PM Modified Detection- 112726Apache Struts 2.3.5 < 2.3.32 / 2.5.x < 2.5.10.1 Remote Code Execution (S2-045 / S2-046)
- 112741Apache Struts 2.x < 2.3.15.1 Remote Code Execution (S2-016)
- 113420Nginx < 1.22.1 Multiple Vulnerabilities
- 113421Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities
New- 114421Nginx 1.27.0 Buffer Over-read
- 114422Nginx 1.5.13 < 1.26.2 Buffer Over-read
- 114424CKEditor < 5.35.0.1 Cross-Site Scripting
- 114425CKEditor < 4.25.0-LTS Multiples Cross-Site Scripting
- 114426CKEditor < 4.24.0-LTS Multiples Cross-Site Scripting
- 114427Gutenberg Forms Plugin for WordPress <= 2.2.9 Arbitrary File Upload
|
Sep 6, 2024, 11:19 AM Modified Detection- 112544HTTP to HTTPS Redirect Not Enabled
- 112907GraphQL Interface Detected
- 113420Nginx < 1.22.1 Multiple Vulnerabilities
- 113421Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities
- 114220Atlassian Confluence < 7.19.18 Cross-Site Scripting
- 114221Atlassian Confluence 8.7.x < 8.7.2 Cross-Site Scripting
- 114222Atlassian Confluence 7.20.x < 8.5.5 Cross-Site Scripting
- 114238Atlassian Confluence < 7.19.20 Path Traversal
- 114239Atlassian Confluence 7.20.x < 8.5.7 Path Traversal
- 114240Atlassian Confluence 8.6.x < 8.8.1 Path Traversal
- 114373Joomla! 5.x < 5.1.2 Multiple Vulnerabilities
- 114374Joomla! 4.x < 4.4.6 Multiple Vulnerabilities
- 114375Joomla! 3.x < 3.10.16 Multiple Vulnerabilities
- 114377Atlassian Confluence < 7.19.22 Cross-Site Scripting
- 114378Atlassian Confluence 7.20.x < 8.5.9 Cross-Site Scripting
- 114379Atlassian Confluence 8.6.x < 8.9.1 Cross-Site Scripting
- 98146Password Submitted Using GET Method
- 98950Nginx < 1.4.1 ngx_http_proxy_module.c Multiple Vulnerabilities
- 98951Nginx < 1.2.9 ngx_http_proxy_module.c Multiple Vulnerabilities
New- 114413Flowise < 2.0.6 Authentication Bypass
- 114414Joomla! 5.x < 5.1.3 Multiple Vulnerabilities
- 114415Joomla! 4.x < 4.4.7 Multiple Vulnerabilities
- 114416Joomla! 3.x < 3.10.17 Multiple Vulnerabilities
- 114417Atlassian Confluence < 7.19.26 Multiple Vulnerabilities
- 114418Atlassian Confluence 7.20.x < 8.5.14 Multiple Vulnerabilities
- 114419Atlassian Confluence 8.6.x < 8.9.5 Multiple Vulnerabilities
- 114420Atlassian Confluence 9.0.x < 9.0.1 Multiple Vulnerabilities
- 114421Nginx 1.27.0 Buffer Over-read
- 114422Nginx 1.5.13 < 1.26.2 Buffer Over-read
- 114423Nginx 1.25.x < 1.26.1 Multiple Vulnerabilities
|
Sep 3, 2024, 6:46 AM Modified Detection- 112290Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities
- 112353ASP.NET DEBUG Method Enabled
- 112526Missing 'X-XSS-Protection' Header (deprecated)
- 112541SSL/TLS Certificate Common Name Mismatch
- 112544HTTP to HTTPS Redirect Not Enabled
- 112550Full Path Disclosure
- 112686JSON Web Token Detected
- 112719Client-Side Prototype Pollution
- 112726Apache Struts 2.3.5 < 2.3.32 / 2.5.x < 2.5.10.1 Remote Code Execution (S2-045 / S2-046)
- 112727Apache Struts 2.0.4 < 2.3.35 / 2.5.x < 2.5.17 Remote Code Execution (S2-057)
- 112741Apache Struts 2.x < 2.3.15.1 Remote Code Execution (S2-016)
- 112742Apache Struts 2 < 2.3.29 DevMode Remote Code Execution
- 112760Apache Struts 2 Demo Application Detected
- 112762Apache Struts 2 < 2.3.33 Remote Code Execution (S2-048)
- 112763Apache Struts 2.1.6 < 2.3.34 / 2.5 < 2.5.13 Remote Code Execution (S2-052)
- 112907GraphQL Interface Detected
- 112920GraphQL Cross-Site Request Forgery
- 113031Out-of-Date JQuery UI Detected
- 113034Out-of-Date MediaElement.Js Detected
- 113059OPcache UI Detected
- 113078AngularJS Unsupported Version
- 113123Dockerfile Detected
- 113158Package Dependencies Detected
- 113162MySQLjs SQL Injection Authentication Bypass
- 113168Docker Compose Configuration Detected
- 113217Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell)
- 113219Insecure Redirect Chain
- 113310Blind XPath Injection (differential analysis)
- 113337NoSQL Injection Authentication Bypass
- 113393Performance Telemetry
- 113420Nginx < 1.22.1 Multiple Vulnerabilities
- 113421Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities
- 113838WooCommerce Payments Plugin for WordPress 5.6.x < 5.6.2 Authentication Bypass
- 113897HTML Comments Detected
- 113943Disclosed Hong Kong Identity Number
- 114006Web Cache Poisoning Denial of Service
- 114029Well-Known URIs Detected
- 114031WooCommerce Payments Plugin for WordPress 6.3.x < 6.3.2 Authentication Bypass
- 114032WooCommerce Payments Plugin for WordPress 6.2.x < 6.2.2 Authentication Bypass
- 114033WooCommerce Payments Plugin for WordPress 5.5.x < 5.5.2 Authentication Bypass
- 114034WooCommerce Payments Plugin for WordPress 5.4.x < 5.4.1 Authentication Bypass
- 114035WooCommerce Payments Plugin for WordPress 5.3.x < 5.3.1 Authentication Bypass
- 114036WooCommerce Payments Plugin for WordPress 5.2.x < 5.2.2 Authentication Bypass
- 114037WooCommerce Payments Plugin for WordPress 5.1.x < 5.1.3 Authentication Bypass
- 114038WooCommerce Payments Plugin for WordPress 5.0.x < 5.0.4 Authentication Bypass
- 114039WooCommerce Payments Plugin for WordPress 4.9.x < 4.9.1 Authentication Bypass
- 114040WooCommerce Payments Plugin for WordPress 4.8.x < 4.8.2 Authentication Bypass
- 114129Secret Data Disclosure
- 114143Node-config Configuration File Detected
- 114146Subdomain Takeover
- 114166SOAP API Detected
- 114220Atlassian Confluence < 7.19.18 Cross-Site Scripting
- 114221Atlassian Confluence 8.7.x < 8.7.2 Cross-Site Scripting
- 114222Atlassian Confluence 7.20.x < 8.5.5 Cross-Site Scripting
- 114223HTTP Request Smuggling
- 114238Atlassian Confluence < 7.19.20 Path Traversal
- 114239Atlassian Confluence 7.20.x < 8.5.7 Path Traversal
- 114240Atlassian Confluence 8.6.x < 8.8.1 Path Traversal
- 114247Authentication Check Pattern Found in Unauthenticated Browser
- 114258LayerSlider Plugin for WordPress 7.9.11 < 7.10.1 SQL Injection
- 114283Unrestricted File Upload
- 114373Joomla! 5.x < 5.1.2 Multiple Vulnerabilities
- 114374Joomla! 4.x < 4.4.6 Multiple Vulnerabilities
- 114375Joomla! 3.x < 3.10.16 Multiple Vulnerabilities
- 114377Atlassian Confluence < 7.19.22 Cross-Site Scripting
- 114378Atlassian Confluence 7.20.x < 8.5.9 Cross-Site Scripting
- 114379Atlassian Confluence 8.6.x < 8.9.1 Cross-Site Scripting
- 114386External Broken Resources Detected
- 114400Apache OFBiz < 18.12.11 Server-Side Request Forgery
- 98067Insecure Cross-Domain Policy (allow-access-from)
- 98068Insecure Cross-Domain Policy (allow-http-request-headers-from)
- 98070Common Administration Interfaces Detection
- 98071Common Files Detection
- 98077Private IP Address Disclosure
- 98083CAPTCHA Detection
- 98084Directory Listing
- 98100Path Traversal
- 98104Cross-Site Scripting (XSS)
- 98107Cross-Site Scripting (XSS) in path
- 98109DOM-based Cross-Site Scripting (XSS)
- 98110DOM-based Cross-Site Scripting (XSS) in attribute context
- 98113XML External Entity
- 98114XPath Injection
- 98115SQL Injection
- 98117Blind SQL Injection (differential analysis)
- 98119Blind NoSQL Injection (differential analysis)
- 98146Password Submitted Using GET Method
- 98228Drupal Unsupported Version
- 98538Environment Configuration File Detected
- 98611Error Message
- 98623Host Header Injection
- 98920Disclosed US Social Security Number
- 98950Nginx < 1.4.1 ngx_http_proxy_module.c Multiple Vulnerabilities
- 98951Nginx < 1.2.9 ngx_http_proxy_module.c Multiple Vulnerabilities
New- 114395WebSocket Detected
- 114396Apache OFBiz < 18.12.15 Remote Code Execution
- 114397AI Engine Plugin for WordPress < 2.4.8 Server-Side Request Forgery
- 114398Edge Side Includes Injection
- 114399Apache OFBiz < 18.12.13 Path Traversal
- 114401Nginx+ Dashboard Unrestricted Access
- 114402Nginx HTTP API Module Unrestricted Access
- 114403Laravel Pulse Unrestricted Access
- 114404Laravel Horizon Unrestricted Access
- 114405Laravel Telescope Unrestricted Access
- 114406LiteSpeed Cache Plugin for WordPress < 6.4 Privilege Escalation
- 114407Gradio Detected
- 114408Gradio Unauthenticated Access
- 114409Gradio 4.3 < 4.13 Local File Read
- 114410FCKEditor Unsupported Version
- 114411Ivanti Virtual Traffic Manager Authentication Bypass
|
Aug 12, 2024, 6:31 AM Modified Detection- 113030Out-of-Date Bootstrap Detected
- 113031Out-of-Date JQuery UI Detected
- 113032Out-of-Date Modernizr Detected
- 113033Out-of-Date Underscore.js Detected
- 113034Out-of-Date MediaElement.Js Detected
- 113037Out-of-Date Backbone JS Framework Detected
- 114400Apache OFBiz < 18.12.11 Server-Side Request Forgery
- 98084Directory Listing
- 98114XPath Injection
New- 114393Danswer Unauthenticated Access
- 114395WebSocket Detected
- 114396Apache OFBiz < 18.12.15 Remote Code Execution
- 114397AI Engine Plugin for WordPress < 2.4.8 Server-Side Request Forgery
- 114398Edge Side Includes Injection
- 114399Apache OFBiz < 18.12.13 Path Traversal
|
Aug 1, 2024, 6:42 AM Modified Detection- 113030Out-of-Date Bootstrap Detected
- 113031Out-of-Date JQuery UI Detected
- 113032Out-of-Date Modernizr Detected
- 113033Out-of-Date Underscore.js Detected
- 113034Out-of-Date MediaElement.Js Detected
- 113037Out-of-Date Backbone JS Framework Detected
- 113959GeoServer SQL Injection
- 114006Web Cache Poisoning Denial of Service
- 98084Directory Listing
- 98114XPath Injection
New- 114390AnythingLLM API Sensitive Information Disclosure
- 114391Dify Detected
- 114392Danswer Detected
- 114393Danswer Unauthenticated Access
- 114394GeoServer Remote Code Execution
|
Jul 29, 2024, 7:28 AM Modified Detection- 113219Insecure Redirect Chain
- 113338Web Cache Poisoning
- 114381Apache Hugegraph 1.0.0 < 1.3.0 Remote Command Execution
- 114382Missing 'Content-Type' Charset
- 114386External Broken Resources Detected
New- 114387PaperCut NG/MF < 22.1.3 Path Traversal
- 114388Facade Ignition < 2.5.2 Remote Code Execution
- 114389ChatGPT-web Detected
- 114390AnythingLLM API Sensitive Information Disclosure
- 114391Dify Detected
- 114392Danswer Detected
|
Jul 22, 2024, 7:15 AM Modified Detection- 114360Apache 2.4.x < 2.4.60 Multiple Vulnerabilities
- 114363Apache 2.4.60 Source Code Disclosure
- 114382Missing 'Content-Type' Charset
New- 114383Ivanti EPM Cloud Services Appliance < 4.6.0-512 Remote Code Execution
- 114384Progress Kemp LoadMaster Remote Command Execution
- 114385Apache 2.4.x < 2.4.62 Multiple Vulnerabilities
|
Jul 18, 2024, 6:31 AM Modified Detection- 113117Magento Administration Panel Login Form Bruteforced
- 114325Adobe Commerce / Magento XML External Entity Injection (CosmicSting)
- 114357Polyfill Detected
- 114373Joomla! 5.x < 5.1.2 Multiple Vulnerabilities
- 114374Joomla! 4.x < 4.4.6 Multiple Vulnerabilities
- 114375Joomla! 3.x < 3.10.16 Multiple Vulnerabilities
- 114377Atlassian Confluence < 7.19.22 Cross-Site Scripting
- 114378Atlassian Confluence 7.20.x < 8.5.9 Cross-Site Scripting
- 114379Atlassian Confluence 8.6.x < 8.9.1 Cross-Site Scripting
- 114381Apache Hugegraph 1.0.0 < 1.3.0 Remote Command Execution
New- 114367H2O Flow Detected
- 114368Bricks Theme for WordPress < 1.9.6.1 Remote Code Execution
- 114369Qlik Sense Enterprise Path Traversal
- 114370Grafana Default Credentials
- 114371Odoo Database Manager Detected
- 114372Odoo Unprotected Database Manager
- 114376ServiceNow Server-Side Template Injection
- 114380Nortek Linear eMerge E3-Series < 0.32-08f Command Injection
|
Jul 5, 2024, 8:36 AM Modified Detection- 112290Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities
- 112353ASP.NET DEBUG Method Enabled
- 112526Missing 'X-XSS-Protection' Header (deprecated)
- 112541SSL/TLS Certificate Common Name Mismatch
- 112544HTTP to HTTPS Redirect Not Enabled
- 112550Full Path Disclosure
- 112686JSON Web Token Detected
- 112719Client-Side Prototype Pollution
- 112726Apache Struts 2.3.5 < 2.3.32 / 2.5.x < 2.5.10.1 Remote Code Execution (S2-045 / S2-046)
- 112727Apache Struts 2.0.4 < 2.3.35 / 2.5.x < 2.5.17 Remote Code Execution (S2-057)
- 112741Apache Struts 2.x < 2.3.15.1 Remote Code Execution (S2-016)
- 112742Apache Struts 2 < 2.3.29 DevMode Remote Code Execution
- 112760Apache Struts 2 Demo Application Detected
- 112762Apache Struts 2 < 2.3.33 Remote Code Execution (S2-048)
- 112763Apache Struts 2.1.6 < 2.3.34 / 2.5 < 2.5.13 Remote Code Execution (S2-052)
- 112907GraphQL Interface Detected
- 112920GraphQL Cross-Site Request Forgery
- 113030Out-of-Date Bootstrap Detected
- 113031Out-of-Date JQuery UI Detected
- 113032Out-of-Date Modernizr Detected
- 113033Out-of-Date Underscore.js Detected
- 113034Out-of-Date MediaElement.Js Detected
- 113037Out-of-Date Backbone JS Framework Detected
- 113059OPcache UI Detected
- 113078AngularJS Unsupported Version
- 113117Magento Administration Panel Login Form Bruteforced
- 113123Dockerfile Detected
- 113158Package Dependencies Detected
- 113162MySQLjs SQL Injection Authentication Bypass
- 113168Docker Compose Configuration Detected
- 113217Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell)
- 113219Insecure Redirect Chain
- 113310Blind XPath Injection (differential analysis)
- 113337NoSQL Injection Authentication Bypass
- 113338Web Cache Poisoning
- 113393Performance Telemetry
- 113420Nginx < 1.22.1 Multiple Vulnerabilities
- 113421Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities
- 113838WooCommerce Payments Plugin for WordPress 5.6.x < 5.6.2 Authentication Bypass
- 113897HTML Comments Detected
- 113943Disclosed Hong Kong Identity Number
- 113959GeoServer SQL Injection
- 114006Web Cache Poisoning Denial of Service
- 114029Well-Known URIs Detected
- 114031WooCommerce Payments Plugin for WordPress 6.3.x < 6.3.2 Authentication Bypass
- 114032WooCommerce Payments Plugin for WordPress 6.2.x < 6.2.2 Authentication Bypass
- 114033WooCommerce Payments Plugin for WordPress 5.5.x < 5.5.2 Authentication Bypass
- 114034WooCommerce Payments Plugin for WordPress 5.4.x < 5.4.1 Authentication Bypass
- 114035WooCommerce Payments Plugin for WordPress 5.3.x < 5.3.1 Authentication Bypass
- 114036WooCommerce Payments Plugin for WordPress 5.2.x < 5.2.2 Authentication Bypass
- 114037WooCommerce Payments Plugin for WordPress 5.1.x < 5.1.3 Authentication Bypass
- 114038WooCommerce Payments Plugin for WordPress 5.0.x < 5.0.4 Authentication Bypass
- 114039WooCommerce Payments Plugin for WordPress 4.9.x < 4.9.1 Authentication Bypass
- 114040WooCommerce Payments Plugin for WordPress 4.8.x < 4.8.2 Authentication Bypass
- 114129Secret Data Disclosure
- 114143Node-config Configuration File Detected
- 114146Subdomain Takeover
- 114166SOAP API Detected
- 114220Atlassian Confluence < 7.19.18 Cross-Site Scripting
- 114221Atlassian Confluence 8.7.x < 8.7.2 Cross-Site Scripting
- 114222Atlassian Confluence 7.20.x < 8.5.5 Cross-Site Scripting
- 114223HTTP Request Smuggling
- 114238Atlassian Confluence < 7.19.20 Path Traversal
- 114239Atlassian Confluence 7.20.x < 8.5.7 Path Traversal
- 114240Atlassian Confluence 8.6.x < 8.8.1 Path Traversal
- 114247Authentication Check Pattern Found in Unauthenticated Browser
- 114258LayerSlider Plugin for WordPress 7.9.11 < 7.10.1 SQL Injection
- 114283Unrestricted File Upload
- 114325Adobe Commerce / Magento XML External Entity Injection (CosmicSting)
- 114357Polyfill Detected
- 114360Apache 2.4.x < 2.4.60 Multiple Vulnerabilities
- 114363Apache 2.4.60 Source Code Disclosure
- 98067Insecure Cross-Domain Policy (allow-access-from)
- 98068Insecure Cross-Domain Policy (allow-http-request-headers-from)
- 98070Common Administration Interfaces Detection
- 98071Common Files Detection
- 98077Private IP Address Disclosure
- 98083CAPTCHA Detection
- 98084Directory Listing
- 98100Path Traversal
- 98104Cross-Site Scripting (XSS)
- 98107Cross-Site Scripting (XSS) in path
- 98109DOM-based Cross-Site Scripting (XSS)
- 98110DOM-based Cross-Site Scripting (XSS) in attribute context
- 98113XML External Entity
- 98114XPath Injection
- 98115SQL Injection
- 98117Blind SQL Injection (differential analysis)
- 98119Blind NoSQL Injection (differential analysis)
- 98146Password Submitted Using GET Method
- 98228Drupal Unsupported Version
- 98538Environment Configuration File Detected
- 98611Error Message
- 98623Host Header Injection
- 98920Disclosed US Social Security Number
- 98950Nginx < 1.4.1 ngx_http_proxy_module.c Multiple Vulnerabilities
- 98951Nginx < 1.2.9 ngx_http_proxy_module.c Multiple Vulnerabilities
New- 114358Malicious Third Party Domain Detected
- 114359ZenML Detected
- 114361Ray Detected
- 114362ChatGPT Plugin Manifest Detected
- 114364Apache Tomcat 11.0.0-M1 < 11.0.0-M21 Denial Of Service
- 114365Apache Tomcat 10.1.0-M1 < 10.1.25 Denial Of Service
- 114366Apache Tomcat 9.0.0-M1 < 9.0.90 Denial Of Service
|
Jul 3, 2024, 6:38 AM Modified Detection- 112697JSON Web Token Weak Secret
- 114357Polyfill Detected
- 114360Apache 2.4.x < 2.4.60 Multiple Vulnerabilities
New- 114329WordPress Emergency Password Reset Script Detected
- 114358Malicious Third Party Domain Detected
- 114359ZenML Detected
- 114361Ray Detected
|
Jun 28, 2024, 7:58 AM Modified Detection- 114325Adobe Commerce / Magento XML External Entity Injection (CosmicSting)
- 114357Polyfill Detected
New- 114329WordPress Emergency Password Reset Script Detected
- 114355Ivanti Endpoint Manager Mobile < 11.11.0.0 Authentication Bypass
- 114356Ivanti Sentry Authentication Bypass
|
Jun 26, 2024, 6:29 AM Modified Detection- 114325Adobe Commerce / Magento XML External Entity Injection (CosmicSting)
- 98112Cross-Site Request Forgery
New- 114317MLflow Detected
- 114318Flowise Unauthenticated Access
- 114319Langflow Detected
- 114320Langflow Unauthenticated Access
- 114321Chatgpt.js Detected
- 114322PHP Input Variables Exceeded
- 114323MLflow Default Credentials
- 114324MLflow Unauthenticated Access
- 114326NextChat < 2.12.4 Server-Side Request Forgery
- 114327Ollama Detected
- 114328Ollama Unauthenticated Access
- 114330WordPress 4.1.x < 4.1.41 Multiple Vulnerabilities
- 114331WordPress 4.2.x < 4.2.38 Multiple Vulnerabilities
- 114332WordPress 4.3.x < 4.3.34 Multiple Vulnerabilities
- 114333WordPress 4.4.x < 4.4.33 Multiple Vulnerabilities
- 114334WordPress 4.5.x < 4.5.32 Multiple Vulnerabilities
- 114335WordPress 4.6.x < 4.6.29 Multiple Vulnerabilities
- 114336WordPress 4.7.x < 4.7.29 Multiple Vulnerabilities
- 114337WordPress 4.8.x < 4.8.25 Multiple Vulnerabilities
- 114338WordPress 4.9.x < 4.9.26 Multiple Vulnerabilities
- 114339WordPress 5.0.x < 5.0.22 Multiple Vulnerabilities
- 114340WordPress 5.1.x < 5.1.19 Multiple Vulnerabilities
- 114341WordPress 5.2.x < 5.2.21 Multiple Vulnerabilities
- 114342WordPress 5.3.x < 5.3.18 Multiple Vulnerabilities
- 114343WordPress 5.4.x < 5.4.16 Multiple Vulnerabilities
- 114344WordPress 5.5.x < 5.5.15 Multiple Vulnerabilities
- 114345WordPress 5.6.x < 5.6.14 Multiple Vulnerabilities
- 114346WordPress 5.7.x < 5.7.12 Multiple Vulnerabilities
- 114347WordPress 5.8.x < 5.8.10 Multiple Vulnerabilities
- 114348WordPress 5.9.x < 5.9.10 Multiple Vulnerabilities
- 114349WordPress 6.0.x < 6.0.9 Multiple Vulnerabilities
- 114350WordPress 6.1.x < 6.1.7 Multiple Vulnerabilities
- 114351WordPress 6.2.x < 6.2.6 Multiple Vulnerabilities
- 114352WordPress 6.3.x < 6.3.5 Multiple Vulnerabilities
- 114353WordPress 6.4.x < 6.4.5 Multiple Vulnerabilities
- 114354WordPress 6.5.x < 6.5.5 Multiple Vulnerabilities
|
Jun 20, 2024, 9:22 AM New- 114303AnythingLLM Detected
- 114304Open WebUI Detected
- 114305Quivr Detected
- 114306NextChat < 2.11.3 Server-Side Request Forgery
- 114307NextChat Detected
- 114308LibreChat Detected
- 114309Flowise Detected
- 114310Yoast SEO Plugin for WordPress < 22.7 Cross-Site Scripting
- 114311Yoast SEO Plugin for WordPress < 22.6 Cross-Site Scripting
- 114312Flowise < 1.6.6 Authentication Bypass
- 114313Flowise Chatflow Detected
- 114314Atlassian Jira < 9.4.21 Information Disclosure
- 114315Atlassian Jira 9.5.x < 9.12.8 Information Disclosure
- 114316Atlassian Jira 9.13.x < 9.16.0 Information Disclosure
- 114317MLflow Detected
- 114318Flowise Unauthenticated Access
|
Jun 14, 2024, 8:03 AM Modified Detection- 112544HTTP to HTTPS Redirect Not Enabled
New- 114299Rejetto HTTP File Server 2.x Remote Code Execution
- 114300PHP CGI Argument Injection Remote Code Execution
- 114301CData Path Traversal
- 114302SolarWinds Serv-U < 15.4.2 HF 2 Directory Traversal
|
Jun 10, 2024, 8:10 AM Modified Detection- 113211HTTP Verb Tampering
- 114283Unrestricted File Upload
- 98095Misconfiguration in LIMIT directive of .htaccess file
New- 114295Digest Authentication Bruteforced
- 114296PHP 8.3.x < 8.3.8 Multiple Vulnerabilities
- 114297PHP 8.2.x < 8.2.20 Multiple Vulnerabilities
- 114298PHP 8.1.x < 8.1.29 Multiple Vulnerabilities
|
Jun 5, 2024, 7:42 AM Modified Detection- 113162MySQLjs SQL Injection Authentication Bypass
- 113337NoSQL Injection Authentication Bypass
- 114283Unrestricted File Upload
- 98008Web Application Firewall Detected
New- 114292Concrete CMS Login Panel Detected
- 114293Concrete CMS Debug Mode Enabled
- 114294Progress Telerik Report Server Authentication Bypass
|
May 31, 2024, 12:23 PM Modified Detection- 113136Wordpress Administration Panel Login Form Bruteforced
- 114276Database Connection String Disclosure
New- 114285Contact Form 7 Plugin for WordPress < 5.8.4 Arbitrary File Upload
- 114286Contact Form 7 Plugin for WordPress < 5.9.2 Cross-Site Scripting
- 114287Atlassian Confluence 7.20.x < 8.5.9 Remote Code Execution
- 114288Atlassian Confluence 8.6.x < 8.9.1 Remote Code Execution
- 114289Atlassian Confluence < 7.19.22 Remote Code Execution
- 114290JetBrains TeamCity < 2023.11.3 Authentication Bypass
- 114291Check Point Quantum Gateway Directory Traversal
|
May 27, 2024, 6:33 AM Modified Detection- 112569OpenAPI Import Success
- 112570OpenAPI Import Failed
- 113078AngularJS Unsupported Version
- 114041Strapi Cognito Provider Authentication Bypass
- 114108Strapi < 4.8.0 Private Fields Sensitive Information Disclosure
- 114281F5 BIG-IP Next Central Manager SQL Injection
New- 114284Nexus Repository 3.x < 3.68.1 Path Traversal
- 98036Client Certificate Authentication Detected
|
