Oct 29, 2024, 7:27 AM Modified Detection- 114466Path Relative Stylesheet Import
- 114468SonarQube Public Projects Detected
New- 114460Clockwork Detected
- 114461Clockwork Unrestricted Access
- 114462SuiteCRM < 7.14.4 / 8.x < 8.6.1 SQL Injection
- 114463Robomongo File Detected
- 114464SSH Authorized Keys File Detected
- 114465SSH id_rsa File Detected
- 114467Danswer < 0.10.0-beta.1 Insecure Direct Object Reference
|
Oct 21, 2024, 7:11 AM Modified Detection- 113217Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell)
- 113838WooCommerce Payments Plugin for WordPress 5.6.x < 5.6.2 Authentication Bypass
- 114031WooCommerce Payments Plugin for WordPress 6.3.x < 6.3.2 Authentication Bypass
- 114032WooCommerce Payments Plugin for WordPress 6.2.x < 6.2.2 Authentication Bypass
- 114033WooCommerce Payments Plugin for WordPress 5.5.x < 5.5.2 Authentication Bypass
- 114034WooCommerce Payments Plugin for WordPress 5.4.x < 5.4.1 Authentication Bypass
- 114035WooCommerce Payments Plugin for WordPress 5.3.x < 5.3.1 Authentication Bypass
- 114036WooCommerce Payments Plugin for WordPress 5.2.x < 5.2.2 Authentication Bypass
- 114037WooCommerce Payments Plugin for WordPress 5.1.x < 5.1.3 Authentication Bypass
- 114038WooCommerce Payments Plugin for WordPress 5.0.x < 5.0.4 Authentication Bypass
- 114039WooCommerce Payments Plugin for WordPress 4.9.x < 4.9.1 Authentication Bypass
- 114040WooCommerce Payments Plugin for WordPress 4.8.x < 4.8.2 Authentication Bypass
- 114129Secret Data Disclosure
- 98228Drupal Unsupported Version
New- 114449Dolibarr 16.x < 16.0.5 Database Download
- 114450Mura/Masa CMS SQL Injection
- 114451XWiki Platform 7.0 < 14.4.8 / 14.5 < 14.10.4 Remote Code Execution
- 114452SEOPress Plugin for WordPress < 7.9 PHP Object Injection
- 114453Atlassian Confluence < 7.19.25 Cross-Site Scripting
- 114454Atlassian Confluence 7.20.x < 8.5.11 Cross-Site Scripting
- 114455Atlassian Confluence 8.6.x < 8.9.3 Cross-Site Scripting
- 114456Drupal 10.2.x < 10.2.10 Improper Error Handling
- 114457Palo Alto Expedition < 1.2.96 Multiple Vulnerabilties
- 114458GiveWP Plugin for WordPress < 3.16.4 Remote Code Execution
- 114459Gradio < 4.37.1 Open Redirect
|
Oct 15, 2024, 6:35 AM Modified Detection- 114129Secret Data Disclosure
- 114247Authentication Check Pattern Found in Unauthenticated Browser
New- 114448Apache Tapestry Arbitrary File Read
|
Oct 3, 2024, 7:40 AM Modified Detection- 112550Full Path Disclosure
- 113393Performance Telemetry
- 114129Secret Data Disclosure
- 114439Express.js Cookie-Session Weak Secret Key
New- 114445PHP 8.3.x < 8.3.12 Multiple Vulnerabilities
- 114446PHP 8.2.x < 8.2.24 Multiple Vulnerabilities
- 114447PHP 8.1.x < 8.1.30 Multiple Vulnerabilities
|
Sep 26, 2024, 12:54 PM Modified Detection- 114283Unrestricted File Upload
New- 114441PowerPress Podcasting Plugin for WordPress 11.9.3 / 11.9.4 Injected Backdoor
- 114442Pods Plugin for WordPress 3.2.3 Injected Backdoor
- 114443Social Warfare Plugin for WordPress 4.4.6.4 < 4.4.7.3 Injected Backdoor
- 114444Apache OFBiz < 18.12.16 Remote Code Execution
|
Sep 24, 2024, 6:34 AM Modified Detection- 112686JSON Web Token Detected
- 114433Ivanti EPM RecordGoodApp SQL Injection
- 114434Flask Weak Secret Key
- 114439Express.js Cookie-Session Weak Secret Key
New- 114432Laravel Weak Secret Key
- 114435Django Weak Secret Key
- 114436Ruby On Rails Weak Secret Key
- 114437Pyramid Weak Secret Key
- 114438Express.js Express-Session Weak Secret Key
- 114440LiteSpeed Cache Plugin for WordPress < 6.5.0.1 Sensitive Information Exposure
|
Sep 17, 2024, 6:25 AM Modified Detection- 98538Environment Configuration File Detected
New- 114429Service Worker Detected
- 114430Next.js Remote Patterns Server-Side Request Forgery
- 114431Next.js < 14.1.1 Server Actions Server-Side Request Forgery
|
Sep 12, 2024, 9:21 AM New- 114428Sequelize Configuration File Detected
|
Sep 9, 2024, 1:31 PM Modified Detection- 112726Apache Struts 2.3.5 < 2.3.32 / 2.5.x < 2.5.10.1 Remote Code Execution (S2-045 / S2-046)
- 112741Apache Struts 2.x < 2.3.15.1 Remote Code Execution (S2-016)
- 113420Nginx < 1.22.1 Multiple Vulnerabilities
- 113421Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities
- 114168Jenkins < 2.442 / < LTS 2.426.3 Arbitrary File Read
New- 114421Nginx 1.27.0 Buffer Over-read
- 114422Nginx 1.5.13 < 1.26.2 Buffer Over-read
- 114424CKEditor < 5.35.0.1 Cross-Site Scripting
- 114425CKEditor < 4.25.0-LTS Multiples Cross-Site Scripting
- 114426CKEditor < 4.24.0-LTS Multiples Cross-Site Scripting
- 114427Gutenberg Forms Plugin for WordPress <= 2.2.9 Arbitrary File Upload
|
Sep 6, 2024, 11:19 AM Modified Detection- 112544HTTP to HTTPS Redirect Not Enabled
- 112907GraphQL Interface Detected
- 113420Nginx < 1.22.1 Multiple Vulnerabilities
- 113421Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities
- 114220Atlassian Confluence < 7.19.18 Cross-Site Scripting
- 114221Atlassian Confluence 8.7.x < 8.7.2 Cross-Site Scripting
- 114222Atlassian Confluence 7.20.x < 8.5.5 Cross-Site Scripting
- 114238Atlassian Confluence < 7.19.20 Path Traversal
- 114239Atlassian Confluence 7.20.x < 8.5.7 Path Traversal
- 114240Atlassian Confluence 8.6.x < 8.8.1 Path Traversal
- 114373Joomla! 5.x < 5.1.2 Multiple Vulnerabilities
- 114374Joomla! 4.x < 4.4.6 Multiple Vulnerabilities
- 114375Joomla! 3.x < 3.10.16 Multiple Vulnerabilities
- 114377Atlassian Confluence < 7.19.22 Cross-Site Scripting
- 114378Atlassian Confluence 7.20.x < 8.5.9 Cross-Site Scripting
- 114379Atlassian Confluence 8.6.x < 8.9.1 Cross-Site Scripting
- 98146Password Submitted Using GET Method
- 98950Nginx < 1.4.1 ngx_http_proxy_module.c Multiple Vulnerabilities
- 98951Nginx < 1.2.9 ngx_http_proxy_module.c Multiple Vulnerabilities
New- 114413Flowise < 2.0.6 Authentication Bypass
- 114414Joomla! 5.x < 5.1.3 Multiple Vulnerabilities
- 114415Joomla! 4.x < 4.4.7 Multiple Vulnerabilities
- 114416Joomla! 3.x < 3.10.17 Multiple Vulnerabilities
- 114417Atlassian Confluence < 7.19.26 Multiple Vulnerabilities
- 114418Atlassian Confluence 7.20.x < 8.5.14 Multiple Vulnerabilities
- 114419Atlassian Confluence 8.6.x < 8.9.5 Multiple Vulnerabilities
- 114420Atlassian Confluence 9.0.x < 9.0.1 Multiple Vulnerabilities
- 114421Nginx 1.27.0 Buffer Over-read
- 114422Nginx 1.5.13 < 1.26.2 Buffer Over-read
- 114423Nginx 1.25.x < 1.26.1 Multiple Vulnerabilities
|
Sep 3, 2024, 6:46 AM New- 114395WebSocket Detected
- 114396Apache OFBiz < 18.12.15 Remote Code Execution
- 114397AI Engine Plugin for WordPress < 2.4.8 Server-Side Request Forgery
- 114398Edge Side Includes Injection
- 114399Apache OFBiz < 18.12.13 Path Traversal
- 114401Nginx+ Dashboard Unrestricted Access
- 114402Nginx HTTP API Module Unrestricted Access
- 114403Laravel Pulse Unrestricted Access
- 114404Laravel Horizon Unrestricted Access
- 114405Laravel Telescope Unrestricted Access
- 114406LiteSpeed Cache Plugin for WordPress < 6.4 Privilege Escalation
- 114407Gradio Detected
- 114408Gradio Unauthenticated Access
- 114409Gradio 4.3 < 4.13 Local File Read
- 114410FCKEditor Unsupported Version
- 114411Ivanti Virtual Traffic Manager Authentication Bypass
|
Aug 12, 2024, 6:31 AM Modified Detection- 113030Out-of-Date Bootstrap Detected
- 113031Out-of-Date JQuery UI Detected
- 113032Out-of-Date Modernizr Detected
- 113033Out-of-Date Underscore.js Detected
- 113034Out-of-Date MediaElement.Js Detected
- 113037Out-of-Date Backbone JS Framework Detected
- 114400Apache OFBiz < 18.12.11 Server-Side Request Forgery
- 98084Directory Listing
- 98114XPath Injection
New- 114393Danswer Unauthenticated Access
- 114395WebSocket Detected
- 114396Apache OFBiz < 18.12.15 Remote Code Execution
- 114397AI Engine Plugin for WordPress < 2.4.8 Server-Side Request Forgery
- 114398Edge Side Includes Injection
- 114399Apache OFBiz < 18.12.13 Path Traversal
|
Aug 1, 2024, 6:42 AM Modified Detection- 113030Out-of-Date Bootstrap Detected
- 113031Out-of-Date JQuery UI Detected
- 113032Out-of-Date Modernizr Detected
- 113033Out-of-Date Underscore.js Detected
- 113034Out-of-Date MediaElement.Js Detected
- 113037Out-of-Date Backbone JS Framework Detected
- 113959GeoServer SQL Injection
- 114006Web Cache Poisoning Denial of Service
- 114313Flowise Chatflow Detected
- 98084Directory Listing
- 98114XPath Injection
New- 114390AnythingLLM API Sensitive Information Disclosure
- 114391Dify Detected
- 114392Danswer Detected
- 114393Danswer Unauthenticated Access
- 114394GeoServer Remote Code Execution
|
Jul 29, 2024, 7:28 AM Modified Detection- 113219Insecure Redirect Chain
- 113338Web Cache Poisoning
- 114381Apache Hugegraph 1.0.0 < 1.3.0 Remote Command Execution
- 114382Missing 'Content-Type' Charset
- 114386External Broken Resources Detected
New- 114387PaperCut NG/MF < 22.1.3 Path Traversal
- 114388Facade Ignition < 2.5.2 Remote Code Execution
- 114389ChatGPT-web Detected
- 114390AnythingLLM API Sensitive Information Disclosure
- 114391Dify Detected
- 114392Danswer Detected
|
Jul 22, 2024, 7:15 AM Modified Detection- 114360Apache 2.4.x < 2.4.60 Multiple Vulnerabilities
- 114363Apache 2.4.60 Source Code Disclosure
- 114382Missing 'Content-Type' Charset
New- 114383Ivanti EPM Cloud Services Appliance < 4.6.0-512 Remote Code Execution
- 114384Progress Kemp LoadMaster Remote Command Execution
- 114385Apache 2.4.x < 2.4.62 Multiple Vulnerabilities
|
Jul 18, 2024, 6:31 AM Modified Detection- 113117Magento Administration Panel Login Form Bruteforced
- 114325Adobe Commerce / Magento XML External Entity Injection (CosmicSting)
- 114357Polyfill Detected
- 114373Joomla! 5.x < 5.1.2 Multiple Vulnerabilities
- 114374Joomla! 4.x < 4.4.6 Multiple Vulnerabilities
- 114375Joomla! 3.x < 3.10.16 Multiple Vulnerabilities
- 114377Atlassian Confluence < 7.19.22 Cross-Site Scripting
- 114378Atlassian Confluence 7.20.x < 8.5.9 Cross-Site Scripting
- 114379Atlassian Confluence 8.6.x < 8.9.1 Cross-Site Scripting
- 114381Apache Hugegraph 1.0.0 < 1.3.0 Remote Command Execution
New- 114367H2O Flow Detected
- 114368Bricks Theme for WordPress < 1.9.6.1 Remote Code Execution
- 114369Qlik Sense Enterprise Path Traversal
- 114370Grafana Default Credentials
- 114371Odoo Database Manager Detected
- 114372Odoo Unprotected Database Manager
- 114376ServiceNow Server-Side Template Injection
- 114380Nortek Linear eMerge E3-Series < 0.32-08f Command Injection
|
Jul 5, 2024, 8:36 AM New- 114358Malicious Third Party Domain Detected
- 114359ZenML Detected
- 114361Ray Detected
- 114362ChatGPT Plugin Manifest Detected
- 114364Apache Tomcat 11.0.0-M1 < 11.0.0-M21 Denial Of Service
- 114365Apache Tomcat 10.1.0-M1 < 10.1.25 Denial Of Service
- 114366Apache Tomcat 9.0.0-M1 < 9.0.90 Denial Of Service
|
Jul 3, 2024, 6:38 AM Modified Detection- 112697JSON Web Token Weak Secret
- 114357Polyfill Detected
- 114360Apache 2.4.x < 2.4.60 Multiple Vulnerabilities
New- 114329WordPress Emergency Password Reset Script Detected
- 114358Malicious Third Party Domain Detected
- 114359ZenML Detected
- 114361Ray Detected
|
Jun 28, 2024, 7:58 AM Modified Detection- 114325Adobe Commerce / Magento XML External Entity Injection (CosmicSting)
- 114357Polyfill Detected
New- 114329WordPress Emergency Password Reset Script Detected
- 114355Ivanti Endpoint Manager Mobile < 11.11.0.0 Authentication Bypass
- 114356Ivanti Sentry Authentication Bypass
|
Jun 26, 2024, 6:29 AM Modified Detection- 114325Adobe Commerce / Magento XML External Entity Injection (CosmicSting)
- 98112Cross-Site Request Forgery
New- 114317MLflow Detected
- 114318Flowise Unauthenticated Access
- 114319Langflow Detected
- 114320Langflow Unauthenticated Access
- 114321Chatgpt.js Detected
- 114322PHP Input Variables Exceeded
- 114323MLflow Default Credentials
- 114324MLflow Unauthenticated Access
- 114326NextChat < 2.12.4 Server-Side Request Forgery
- 114327Ollama Detected
- 114328Ollama Unauthenticated Access
- 114330WordPress 4.1.x < 4.1.41 Multiple Vulnerabilities
- 114331WordPress 4.2.x < 4.2.38 Multiple Vulnerabilities
- 114332WordPress 4.3.x < 4.3.34 Multiple Vulnerabilities
- 114333WordPress 4.4.x < 4.4.33 Multiple Vulnerabilities
- 114334WordPress 4.5.x < 4.5.32 Multiple Vulnerabilities
- 114335WordPress 4.6.x < 4.6.29 Multiple Vulnerabilities
- 114336WordPress 4.7.x < 4.7.29 Multiple Vulnerabilities
- 114337WordPress 4.8.x < 4.8.25 Multiple Vulnerabilities
- 114338WordPress 4.9.x < 4.9.26 Multiple Vulnerabilities
- 114339WordPress 5.0.x < 5.0.22 Multiple Vulnerabilities
- 114340WordPress 5.1.x < 5.1.19 Multiple Vulnerabilities
- 114341WordPress 5.2.x < 5.2.21 Multiple Vulnerabilities
- 114342WordPress 5.3.x < 5.3.18 Multiple Vulnerabilities
- 114343WordPress 5.4.x < 5.4.16 Multiple Vulnerabilities
- 114344WordPress 5.5.x < 5.5.15 Multiple Vulnerabilities
- 114345WordPress 5.6.x < 5.6.14 Multiple Vulnerabilities
- 114346WordPress 5.7.x < 5.7.12 Multiple Vulnerabilities
- 114347WordPress 5.8.x < 5.8.10 Multiple Vulnerabilities
- 114348WordPress 5.9.x < 5.9.10 Multiple Vulnerabilities
- 114349WordPress 6.0.x < 6.0.9 Multiple Vulnerabilities
- 114350WordPress 6.1.x < 6.1.7 Multiple Vulnerabilities
- 114351WordPress 6.2.x < 6.2.6 Multiple Vulnerabilities
- 114352WordPress 6.3.x < 6.3.5 Multiple Vulnerabilities
- 114353WordPress 6.4.x < 6.4.5 Multiple Vulnerabilities
- 114354WordPress 6.5.x < 6.5.5 Multiple Vulnerabilities
|
Jun 20, 2024, 9:22 AM Modified Detection- 114313Flowise Chatflow Detected
New- 114303AnythingLLM Detected
- 114304Open WebUI Detected
- 114305Quivr Detected
- 114306NextChat < 2.11.3 Server-Side Request Forgery
- 114307NextChat Detected
- 114308LibreChat Detected
- 114309Flowise Detected
- 114310Yoast SEO Plugin for WordPress < 22.7 Cross-Site Scripting
- 114311Yoast SEO Plugin for WordPress < 22.6 Cross-Site Scripting
- 114312Flowise < 1.6.6 Authentication Bypass
- 114314Atlassian Jira < 9.4.21 Information Disclosure
- 114315Atlassian Jira 9.5.x < 9.12.8 Information Disclosure
- 114316Atlassian Jira 9.13.x < 9.16.0 Information Disclosure
- 114317MLflow Detected
- 114318Flowise Unauthenticated Access
|
Jun 14, 2024, 8:03 AM Modified Detection- 112544HTTP to HTTPS Redirect Not Enabled
New- 114299Rejetto HTTP File Server 2.x Remote Code Execution
- 114300PHP CGI Argument Injection Remote Code Execution
- 114301CData Path Traversal
- 114302SolarWinds Serv-U < 15.4.2 HF 2 Directory Traversal
|
Jun 10, 2024, 8:10 AM Modified Detection- 113211HTTP Verb Tampering
- 114283Unrestricted File Upload
- 98095Misconfiguration in LIMIT directive of .htaccess file
New- 114295Digest Authentication Bruteforced
- 114296PHP 8.3.x < 8.3.8 Multiple Vulnerabilities
- 114297PHP 8.2.x < 8.2.20 Multiple Vulnerabilities
- 114298PHP 8.1.x < 8.1.29 Multiple Vulnerabilities
|
Jun 5, 2024, 7:42 AM Modified Detection- 113162MySQLjs SQL Injection Authentication Bypass
- 113337NoSQL Injection Authentication Bypass
- 114283Unrestricted File Upload
- 98008Web Application Firewall Detected
New- 114292Concrete CMS Login Panel Detected
- 114293Concrete CMS Debug Mode Enabled
- 114294Progress Telerik Report Server Authentication Bypass
|
May 31, 2024, 12:23 PM Modified Detection- 113136Wordpress Administration Panel Login Form Bruteforced
- 114276Database Connection String Disclosure
New- 114285Contact Form 7 Plugin for WordPress < 5.8.4 Arbitrary File Upload
- 114286Contact Form 7 Plugin for WordPress < 5.9.2 Cross-Site Scripting
- 114287Atlassian Confluence 7.20.x < 8.5.9 Remote Code Execution
- 114288Atlassian Confluence 8.6.x < 8.9.1 Remote Code Execution
- 114289Atlassian Confluence < 7.19.22 Remote Code Execution
- 114290JetBrains TeamCity < 2023.11.3 Authentication Bypass
- 114291Check Point Quantum Gateway Directory Traversal
|
May 27, 2024, 6:33 AM Modified Detection- 112569OpenAPI Import Success
- 112570OpenAPI Import Failed
- 113078AngularJS Unsupported Version
- 114041Strapi Cognito Provider Authentication Bypass
- 114108Strapi < 4.8.0 Private Fields Sensitive Information Disclosure
- 114281F5 BIG-IP Next Central Manager SQL Injection
New- 114284Nexus Repository 3.x < 3.68.1 Path Traversal
- 98036Client Certificate Authentication Detected
|
May 21, 2024, 11:00 AM Modified Detection- 112569OpenAPI Import Success
- 112570OpenAPI Import Failed
- 113078AngularJS Unsupported Version
- 113452WordPress Plugins Detected
- 98067Insecure Cross-Domain Policy (allow-access-from)
- 98068Insecure Cross-Domain Policy (allow-http-request-headers-from)
New- 114282Palo Alto PAN-OS GlobalProtect Remote Code Execution
|
May 16, 2024, 6:51 AM Modified Detection- 112544HTTP to HTTPS Redirect Not Enabled
- 113165Apache mod_negotiation Alternative Filename Disclosure
- 113219Insecure Redirect Chain
- 114006Web Cache Poisoning Denial of Service
- 114237Open Proxy
- 114281F5 BIG-IP Next Central Manager SQL Injection
- 98107Cross-Site Scripting (XSS) in path
- 98117Blind SQL Injection (differential analysis)
- 98119Blind NoSQL Injection (differential analysis)
New- 114280Automatic Plugin for WordPress < 3.92.1 Multiples Vulnerabilities
|
May 6, 2024, 6:58 AM Modified Detection- 112290Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities
- 114168Jenkins < 2.442 / < LTS 2.426.3 Arbitrary File Read
- 114276Database Connection String Disclosure
New- 114275IBM Aspera Faspex < 4.4.2 PL2 Remote Code Execution
- 114277Ghost CMS < 5.42.1 Path Traversal
- 114278Vercel Source Code Exposure
- 114279Vmware vRealize Network Insight Command Injection
|
Apr 26, 2024, 6:15 AM Modified Detection- 113310Blind XPath Injection (differential analysis)
- 98008Web Application Firewall Detected
- 98117Blind SQL Injection (differential analysis)
- 98119Blind NoSQL Injection (differential analysis)
- 98136Target Information
New- 114274.NET HTTP Remoting Remote Code Execution
|
Apr 24, 2024, 7:42 AM Modified Detection- 114273CrushFTP < 10.7.1 / 11.x < 11.1.0 VFS Sandbox Escape
|
Apr 23, 2024, 3:22 PM Modified Detection- 114006Web Cache Poisoning Denial of Service
- 114273CrushFTP < 10.7.1 / 11.x < 11.1.0 VFS Sandbox Escape
New- 114263ReviewX Plugin for WordPress < 1.6.3 SQL Injection
- 114264One-click Countdowns Plugin for WordPress <= 0.6.2 SQL Injection
- 114265Events Made Easy Plugin for WordPress <= 2.3.14 SQL Injection
- 114266WP Popup Banners Plugin for WordPress <= 1.2.5 SQL Injection
- 114267Gift Cards (Gift Vouchers and Packages) Plugin for WordPress < 4.3.3 SQL Injection
- 114268Formidable PRO2PDF Plugin for WordPress < 3.11 SQL Injection
- 114269Django Debug Mode Enabled
- 114270PHP 8.3.x < 8.3.6 Multiple Vulnerabilities
- 114271PHP 8.2.x < 8.2.18 Multiple Vulnerabilities
- 114272PHP 8.1.x < 8.1.28 Multiple Vulnerabilities
|
Apr 22, 2024, 9:08 AM Modified Detection- 112552Deprecated Content Security Policy
- 112554Permissive Content Security Policy Detected
- 112569OpenAPI Import Success
- 112570OpenAPI Import Failed
- 114237Open Proxy
- 98715Permissive HTTP Strict Transport Security Policy Detected
New- 114259Adobe ColdFusion Arbitrary File Read
- 114260Keycloak Information Disclosure
- 114261WSO2 Management Console Cross-Site Scripting
- 114262Request URL Override
|
Apr 12, 2024, 6:28 AM Modified Detection- 112290Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities
- 114238Atlassian Confluence < 7.19.20 Path Traversal
- 114239Atlassian Confluence 7.20.x < 8.5.7 Path Traversal
- 114240Atlassian Confluence 8.6.x < 8.8.1 Path Traversal
- 114258LayerSlider Plugin for WordPress 7.9.11 < 7.10.1 SQL Injection
- 98123Operating System Command Injection
New- 114245OpenCMS < 10.5.1 Multiples Vulnerabilities
- 114250Apache Superset < 2.1.0 Hardcoded Secret Key
- 114251Oracle Reports Servlet Arbitrary File Read
- 114252WordPress 6.1.x < 6.1.6 Cross-Site Scripting
- 114253WordPress 6.2.x < 6.2.5 Cross-Site Scripting
- 114254WordPress 6.3.x < 6.3.4 Cross-Site Scripting
- 114255WordPress 6.4.x < 6.4.4 Cross-Site Scripting
- 114256WordPress 6.5.x < 6.5.2 Cross-Site Scripting
- 114257Quarkus DevMode Enabled
|
Apr 9, 2024, 6:35 AM Modified Detection- 113010API Key Authentication Succeeded
- 113011API Key Authentication Failed
- 113012Bearer Token Authentication Succeeded
- 113013Bearer Token Authentication Failed
- 114247Authentication Check Pattern Found in Unauthenticated Browser
- 98034Login Form Authentication Failed
- 98035Login Form Authentication Succeeded
- 98139Cookie Authentication Succeeded
- 98140Cookie Authentication Failed
- 98141Selenium Authentication Succeeded
- 98142Selenium Authentication Failed
New- 114245OpenCMS < 10.5.1 Multiples Vulnerabilities
- 114246OpenCMS < 16.0 Multiples Vulnerabilities
- 114248Pentaho Business Server Server-Side Template Injection
- 114249Apache 2.4.x < 2.4.59 Multiple Vulnerabilities
|
Apr 3, 2024, 4:03 PM |
Apr 2, 2024, 8:49 AM Modified Detection- 113117Magento Administration Panel Login Form Bruteforced
- 114043Adobe ColdFusion Improper Access Control
- 98642Magento Administration Panel Login Form Detected
- 98715Permissive HTTP Strict Transport Security Policy Detected
New- 114243Adobe ColdFusion < 2021 Update 12 / < 2023 Update 6 Cross-Site Scripting
- 114244Payment Form Detected
|
Mar 25, 2024, 8:46 AM Modified Detection- 112526Missing 'X-XSS-Protection' Header (deprecated)
- 112527Disabled 'X-XSS-Protection' Header (deprecated)
- 112529Missing 'X-Content-Type-Options' Header
- 112535HTTP Strict Transport Security Policy Detected
- 112551Missing Content Security Policy
- 112552Deprecated Content Security Policy
- 112553Missing 'Cache-Control' Header
- 112554Permissive Content Security Policy Detected
- 112555Report Only Content Security Policy Detected
- 113333Duplicate HTTP Headers Detected
- 114042Adobe ColdFusion Remote Code Execution
- 114224Serialized Data Detected
- 114237Open Proxy
- 114238Atlassian Confluence < 7.19.20 Path Traversal
- 114239Atlassian Confluence 7.20.x < 8.5.7 Path Traversal
- 114240Atlassian Confluence 8.6.x < 8.8.1 Path Traversal
- 98057Insecure 'Access-Control-Allow-Origin' Header
- 98060Missing 'X-Frame-Options' Header
- 98084Directory Listing
- 98526Missing Permissions Policy
- 98527Missing Referrer Policy
- 98618HTTP Header Information Disclosure
- 98648Missing 'Content-Type' Header
- 98715Permissive HTTP Strict Transport Security Policy Detected
New- 114241PrestaShop 1.7.7.0 SQL injection
- 114242Adobe ColdFusion < 2021 Update 12 / < 2023 Update 6 Remote Code Execution
|
Mar 18, 2024, 8:50 AM Modified Detection- 112920GraphQL Cross-Site Request Forgery
- 113158Package Dependencies Detected
- 113162MySQLjs SQL Injection Authentication Bypass
- 113310Blind XPath Injection (differential analysis)
- 113337NoSQL Injection Authentication Bypass
- 113634Server-Side Inclusion Injection
- 113900Cross-Site Request Forgery Token Validation Bypass
- 114006Web Cache Poisoning Denial of Service
- 114116XML Injection
- 98056Missing HTTP Strict Transport Security Policy
- 98100Path Traversal
- 98112Cross-Site Request Forgery
- 98113XML External Entity
- 98114XPath Injection
- 98115SQL Injection
- 98117Blind SQL Injection (differential analysis)
- 98119Blind NoSQL Injection (differential analysis)
- 98125Local File Inclusion
- 98642Magento Administration Panel Login Form Detected
New- 114230Sangfor NGAF Authentication Bypass
- 114231Cisco IOS XE Remote Code Execution
- 114232PHP Development Server < 7.4.22 Source Disclosure
- 114233Apache Tomcat 11.0.0-M1 < 11.0.0-M17 Denial Of Service
- 114234Apache Tomcat 10.1.0-M1 < 10.1.19 Denial Of Service
- 114235Apache Tomcat 9.0.0-M1 < 9.0.86 Denial Of Service
- 114236Apache Tomcat 8.5.x < 8.5.99 Denial Of Service
|
Mar 13, 2024, 6:13 AM Modified Detection- 112290Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities
- 112295Apache Tomcat 9.0.0.M1 < 9.0.0.M22 Multiple Vulnerabilities
- 112543HTTPS Not Detected
- 112704Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 Remote Code Execution
- 112719Client-Side Prototype Pollution
- 113075Apache Log4j Remote Code Execution (Log4Shell)
- 113123Dockerfile Detected
- 113158Package Dependencies Detected
- 113168Docker Compose Configuration Detected
- 113217Spring Framework < 5.2.20 / 5.3.x < 5.3.18 Remote Code Execution (Spring4Shell)
- 113369BackupBuddy Plugin for WordPress < 8.7.5 Arbitrary File Read
- 113373Atlassian Bitbucket Remote Code Execution
- 113420Nginx < 1.22.1 Multiple Vulnerabilities
- 113421Nginx 1.23.x < 1.23.2 Multiple Vulnerabilities
- 113634Server-Side Inclusion Injection
- 113838WooCommerce Payments Plugin for WordPress 5.6.x < 5.6.2 Authentication Bypass
- 114031WooCommerce Payments Plugin for WordPress 6.3.x < 6.3.2 Authentication Bypass
- 114032WooCommerce Payments Plugin for WordPress 6.2.x < 6.2.2 Authentication Bypass
- 114033WooCommerce Payments Plugin for WordPress 5.5.x < 5.5.2 Authentication Bypass
- 114034WooCommerce Payments Plugin for WordPress 5.4.x < 5.4.1 Authentication Bypass
- 114035WooCommerce Payments Plugin for WordPress 5.3.x < 5.3.1 Authentication Bypass
- 114036WooCommerce Payments Plugin for WordPress 5.2.x < 5.2.2 Authentication Bypass
- 114037WooCommerce Payments Plugin for WordPress 5.1.x < 5.1.3 Authentication Bypass
- 114038WooCommerce Payments Plugin for WordPress 5.0.x < 5.0.4 Authentication Bypass
- 114039WooCommerce Payments Plugin for WordPress 4.9.x < 4.9.1 Authentication Bypass
- 114040WooCommerce Payments Plugin for WordPress 4.8.x < 4.8.2 Authentication Bypass
- 114108Strapi < 4.8.0 Private Fields Sensitive Information Disclosure
- 114129Secret Data Disclosure
- 114143Node-config Configuration File Detected
- 114224Serialized Data Detected
- 98060Missing 'X-Frame-Options' Header
- 98117Blind SQL Injection (differential analysis)
- 98125Local File Inclusion
- 98607Ultimate Member Plugin for WordPress < 2.0.46 Multiple Vulnerabilities
- 98642Magento Administration Panel Login Form Detected
- 98950Nginx < 1.4.1 ngx_http_proxy_module.c Multiple Vulnerabilities
- 98951Nginx < 1.2.9 ngx_http_proxy_module.c Multiple Vulnerabilities
New- 114225JetBrains TeamCity < 2023.11.4 Authentication Bypass
- 114226LiteSpeed Cache Plugin for WordPress < 5.7.0.1 Cross-Site Scripting
- 114227Ultimate Member Plugin for WordPress < 2.8.3 SQL Injection
- 114228PyTorch Serve Server-Side Request Forgery
- 114229Popup Builder Plugin for WordPress < 4.2.3 Cross-Site Scripting
|
Mar 6, 2024, 7:34 AM Modified Detection- 113075Apache Log4j Remote Code Execution (Log4Shell)
- 114223HTTP Request Smuggling
- 114224Serialized Data Detected
- 98117Blind SQL Injection (differential analysis)
- 98119Blind NoSQL Injection (differential analysis)
- 98607Ultimate Member Plugin for WordPress < 2.0.46 Multiple Vulnerabilities
New- 114225JetBrains TeamCity < 2023.11.4 Authentication Bypass
- 114226LiteSpeed Cache Plugin for WordPress < 5.7.0.1 Cross-Site Scripting
- 114227Ultimate Member Plugin for WordPress < 2.8.3 SQL Injection
|
Feb 27, 2024, 9:34 AM Modified Detection- 114214ConnectWise ScreenConnect < 23.9.8 Authentication Bypass
- 114220Atlassian Confluence < 7.19.18 Cross-Site Scripting
- 114221Atlassian Confluence 8.7.x < 8.7.2 Cross-Site Scripting
- 114222Atlassian Confluence 7.20.x < 8.5.5 Cross-Site Scripting
- 98047Allowed HTTP Methods
- 98117Blind SQL Injection (differential analysis)
New- 114219HTTP/2 Cleartext Upgrade Support Detected
|
Feb 21, 2024, 11:56 AM Modified Detection- 112705Oracle WebLogic 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.4.0 / 14.1.1.0.0 Authentication Bypass
- 113010API Key Authentication Succeeded
- 113011API Key Authentication Failed
- 113012Bearer Token Authentication Succeeded
- 113013Bearer Token Authentication Failed
- 113310Blind XPath Injection (differential analysis)
- 113580Web Cache Deception
- 114006Web Cache Poisoning Denial of Service
- 114145Apache OFBiz Authentication Bypass
- 114214ConnectWise ScreenConnect < 23.9.8 Authentication Bypass
- 98034Login Form Authentication Failed
- 98035Login Form Authentication Succeeded
- 98117Blind SQL Injection (differential analysis)
- 98119Blind NoSQL Injection (differential analysis)
- 98139Cookie Authentication Succeeded
- 98140Cookie Authentication Failed
- 98141Selenium Authentication Succeeded
- 98142Selenium Authentication Failed
New- 114211GraphQL Batching
- 114212Lead Generated Plugin for WordPress < 1.25 Insecure Deserialization
- 114213BuddyForms Plugin for WordPress < 2.7.8 Insecure Deserialization
- 114215Apache Tomcat 9.0.0-M11 < 9.0.44 Request Smuggling
- 114216Apache Tomcat 8.5.7 < 8.5.64 Request Smuggling
- 114217Joomla! 5.x < 5.0.3 Multiple Vulnerabilities
- 114218Joomla! 1.5.x < 4.4.3 Multiple Vulnerabilities
|
Feb 19, 2024, 10:57 AM Modified Detection- 114203Ivanti Connect Secure 9.x / 22.x XML External Entity
New- 114207Nginx 1.25.x < 1.25.4 Multiple Vulnerabilities
- 114208InPost Gallery Plugin for WordPress < 2.1.4.2 Cross-Site Scripting
- 114209Bulk Price Update for Woocommerce Plugin for WordPress < 2.2.2 Cross-Site Scripting
- 114210Meta Data and Taxonomies Filter Plugin for WordPress < 1.3.1 Cross-Site Scripting
|
Feb 15, 2024, 7:42 AM Modified Detection- 114027WP Fastest Cache Plugin for WordPress < 1.1.3 Multiple Vulnerabilities
- 114122Appwrite Server-Side Request Forgery
- 114164Stripe Payment Plugin for WooCommerce Plugin for WordPress < 3.8.0 SQL Injection
- 114203Ivanti Connect Secure 9.x / 22.x XML External Entity
New- 114204My Calendar Plugin for WordPress < 3.4.22 SQL Injection
- 114205Html5 Video Player Plugin for WordPress < 2.5.25 SQL Injection
- 114206RStudio Connect < 2023.05 Open Redirect
|
Feb 8, 2024, 7:52 AM Modified Detection- 112614Server-Side Template Injection
- 113237PHP Object Deserialization
- 114042Adobe ColdFusion Remote Code Execution
- 114166SOAP API Detected
New- 114199Amazon Web Services Detected
- 114200Google Cloud Platform Detected
- 114201Microsoft Azure Detected
- 114202Microsoft Entra ID Detected
|
Feb 7, 2024, 7:39 AM Modified Detection- 114145Apache OFBiz Authentication Bypass
New- 114196Ivanti Connect Secure 9.x / 22.x Server-Side Request Forgery
- 114197Openfire Path Traversal
- 114198Juniper Junos OS Remote Code Execution
|
Feb 2, 2024, 7:54 AM New- 114162XSLT Injection
- 114163Fortra GoAnywhere MFT 6.x > 6.0.1 / 7.x < 7.4.1 Authentication Bypass
- 114165Ivanti Connect Secure 9.x / 22.x Authentication Bypass
- 114167gRPC Detected
- 114169Google Extensible Service Proxy 2.20.0 < 2.43.0 Authentication Bypass
- 114170WordPress 4.1.x < 4.1.40 Multiple Vulnerabilities
- 114171WordPress 4.2.x < 4.2.37 Multiple Vulnerabilities
- 114172WordPress 4.3.x < 4.3.33 Multiple Vulnerabilities
- 114173WordPress 4.4.x < 4.4.32 Multiple Vulnerabilities
- 114174WordPress 4.5.x < 4.5.31 Multiple Vulnerabilities
- 114175WordPress 4.6.x < 4.6.28 Multiple Vulnerabilities
- 114176WordPress 4.7.x < 4.7.28 Multiple Vulnerabilities
- 114177WordPress 4.8.x < 4.8.24 Multiple Vulnerabilities
- 114178WordPress 4.9.x < 4.9.25 Multiple Vulnerabilities
- 114179WordPress 5.0.x < 5.0.21 Multiple Vulnerabilities
- 114180WordPress 5.1.x < 5.1.18 Multiple Vulnerabilities
- 114181WordPress 5.2.x < 5.2.20 Multiple Vulnerabilities
- 114182WordPress 5.3.x < 5.3.17 Multiple Vulnerabilities
- 114183WordPress 5.4.x < 5.4.15 Multiple Vulnerabilities
- 114184WordPress 5.5.x < 5.5.14 Multiple Vulnerabilities
- 114185WordPress 5.6.x < 5.6.13 Multiple Vulnerabilities
- 114186WordPress 5.7.x < 5.7.11 Multiple Vulnerabilities
- 114187WordPress 5.8.x < 5.8.9 Multiple Vulnerabilities
- 114188WordPress 5.9.x < 5.9.9 Multiple Vulnerabilities
- 114189WordPress 6.0.x < 6.0.7 Multiple Vulnerabilities
- 114190WordPress 6.1.x < 6.1.5 Multiple Vulnerabilities
- 114191WordPress 6.2.x < 6.2.4 Multiple Vulnerabilities
- 114192WordPress 6.3.x < 6.3.3 Multiple Vulnerabilities
- 114193WordPress 6.4.x < 6.4.3 Multiple Vulnerabilities
- 114194Express.js Authentication Bypass
- 114195Web Server Configuration File Detected
|
Jan 26, 2024, 8:12 AM Modified Detection- 114116XML Injection
- 114164Stripe Payment Plugin for WooCommerce Plugin for WordPress < 3.8.0 SQL Injection
New- 114162XSLT Injection
- 114163Fortra GoAnywhere MFT 6.x > 6.0.1 / 7.x < 7.4.1 Authentication Bypass
- 114165Ivanti Connect Secure 9.x / 22.x Authentication Bypass
|
Jan 24, 2024, 9:53 AM Modified Detection- 113337NoSQL Injection Authentication Bypass
- 113853Customer Reviews for WooCommerce Plugin for WordPress < 5.17.0 Cross-Site Scripting
- 113855GiveWP Plugin for WordPress < 2.24.1 SQL Injection
- 113871DotNetNuke User Enumeration
- 113900Cross-Site Request Forgery Token Validation Bypass
- 113904Sitecore Unauthenticated User Enumeration
- 114042Adobe ColdFusion Remote Code Execution
- 114089Pimcore User Enumeration
- 114099Microsoft SharePoint Server 2019 build < 16.0.10399.20005 Elevation of Privilege
- 114129Secret Data Disclosure
- 114145Apache OFBiz Authentication Bypass
- 114151Atlassian Confluence 7.13.x < 7.19.17 Remote Code Execution
- 114152Atlassian Confluence 8.x < 8.5.5 Remote Code Execution
- 114153Atlassian Confluence 8.6.x < 8.7.2 Remote Code Execution
- 114154Atlassian Confluence < 7.19.18 Multiple Remote Code Execution
- 114155Atlassian Confluence 8.x < 8.5.5 Multiple Remote Code Execution
- 114156Atlassian Confluence 8.6.x < 8.7.2 Multiple Remote Code Execution
- 114157POST SMTP Mailer Plugin for WordPress < 2.8.8 Authorization Bypass
New- 114160LearnPress Plugin for WordPress < 4.2.5.8 Multiple Vulnerabilities
- 114161WP Fastest Cache Plugin for WordPress < 1.2.2 SQL Injection
|
