Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 23 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-33541 TSPortal's Uncontrolled User Creation via Validation Side Effects Leads to Potential Denial of Service mirahezeTSPortal Medium 6.5 2026-03-26 20:27:06 Deep Dive
CVE-2026-29788 TSPortal: Anyone can forge self-deletion requests of any user mirahezeTSPortal 中危 -2026-03-06 20:31:18 Deep Dive
CVE-2025-53371 DiscordNotifications allows DOS, SSRF, and possible RCE through requests to user-controlled URLs mirahezeDiscordNotifications Critical 9.1 2025-07-10 17:26:03 Deep Dive
CVE-2025-43861 ManageWiki Vulnerable to Self-XSS in review dialog via unsanitized field reflection mirahezeManageWiki Medium 4.4 2025-04-24 20:49:58 Deep Dive
CVE-2025-32964 ManageWiki vulnerable to permission bypass when disabling extensions requiring certain permissions in Special:ManageWiki/extensions mirahezeManageWiki Medium 4.6 2025-04-22 17:15:03 Deep Dive
CVE-2025-32956 ManageWiki has SQL injection vulnerability in NamespaceMigrationJob mirahezeManageWiki High 8.0 2025-04-21 20:45:50 Deep Dive
CVE-2024-47815 Cross-site Scripting in IncidentReporting mirahezeIncidentReporting Medium 6.0 2024-10-09 18:21:59 Deep Dive
CVE-2024-47816 Users can impersonate import requesters if their actor IDs coincide in ImportDump mirahezeImportDump Medium 6.4 2024-10-09 18:19:17 Deep Dive
CVE-2024-47812 Cross-site Scripting (XSS) on Special:RequestImportQueue when displaying request date in ImportDump mirahezeImportDump Medium 6.0 2024-10-09 18:12:32 Deep Dive
CVE-2024-47781 Cross-site Scripting (XSS) in Special:RequestWikiQueue when displaying sitename in CreateWiki mirahezeCreateWiki 中危 -2024-10-07 21:30:23 Deep Dive
CVE-2024-47782 Cross-site Scripting (XSS) in Special:WikiDiscover when displaying wiki information in WikiDiscover mirahezeWikiDiscover High 7.6 2024-10-07 21:28:01 Deep Dive
CVE-2024-47612 XSS in Special:DataDump when displaying dump status mirahezeDataDump Low 3.5 2024-10-02 14:22:52 Deep Dive
CVE-2024-34701 CreateWiki vulnerable to impersonation of wiki requester mirahezeCreateWiki Medium 5.9 2024-05-13 15:54:13 Deep Dive
CVE-2024-29898 Oversight in fix for GHSA-4rcf-3cj2-46mq may have exposed suppressed wiki requests on private wikis mirahezeCreateWiki Medium 4.9 2024-03-28 13:43:08 Deep Dive
CVE-2024-29897 CreateWiki Leak of suppressed wiki requests outside of `CreateWikiGlobalWiki` mirahezeCreateWiki Medium 4.9 2024-03-28 13:40:43 Deep Dive
CVE-2024-29883 CreateWiki's wiki request suppression ignores the suppression settings set by the suppressor mirahezeCreateWiki Medium 4.9 2024-03-26 13:37:49 Deep Dive
CVE-2024-25109 Cross-Site Scripting in the extensions, settings, permissions and namespaces subpages of ManageWiki mirahezeManageWiki Medium 6.5 2024-02-09 22:25:48 Deep Dive
CVE-2024-25107 Cross-Site Scripting in WikiDiscover mirahezeWikiDiscover Medium 4.9 2024-02-08 22:46:39 Deep Dive
CVE-2022-24813 Authentication Bypass Using an Alternate Path or Channel in CreateWiki mirahezeCreateWiki Medium 5.3 2022-04-04 17:40:11 Deep Dive
CVE-2021-39186 Improper Input Validation in GlobalNewFiles mirahezeGlobalNewFiles Medium 4.3 2021-09-01 20:35:12 Deep Dive