Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/85045?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85045?format=api", "vulnerability_id": "VCID-w3bv-4fth-6fd7", "summary": "", "aliases": [ { "alias": "CVE-2014-0763" } ], "fixed_packages": [], "affected_packages": [], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0763", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.57891", "scoring_system": "epss", "scoring_elements": "0.98211", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0763" } ], "weaknesses": [], "exploits": [ { "date_added": null, "description": "This module exploits a SQL injection vulnerability found in Advantech WebAccess 7.1. The\n vulnerability exists in the DBVisitor.dll component, and can be abused through malicious\n requests to the ChartThemeConfig web service. This module can be used to extract the site\n and project usernames and hashes.", "required_action": null, "due_date": null, "notes": "Stability:\n - crash-safe\nSideEffects:\n - ioc-in-logs\nReliability: []\n", "known_ransomware_campaign_use": false, "source_date_published": "2014-04-08", "exploit_type": null, "platform": "", "source_date_updated": null, "data_source": "Metasploit", "source_url": "https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/admin/scada/advantech_webaccess_dbvisitor_sqli.rb" } ], "severity_range_score": null, "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w3bv-4fth-6fd7" }