CVE-2026-27607 RustFS's Missing Post Policy Validation leads to Arbitrary Object Write

RustFS is a distributed object storage system built in Rust. In versions 1.0.0-alpha.56 through 1.0.0-alpha.82, RustFS does not validate policy conditions in presigned POST uploads PostObject, allowing attackers to bypass content-length-range, starts-with, and Content-Type constraints. This enabl...

EUVD-2007-5859

Malware in sbrugna...

EUVD-2008-5613

Malware in sbrugna...

Datasette 1.0 alpha series leaks names of databases and tables to unauthenticated users

Impact This bug affects Datasette instances running a Datasette 1.0 alpha - 1.0a0, 1.0a1, 1.0a2 or 1.0a3 - in an online accessible location but with authentication enabled using a plugin such as datasette-auth-passwords. The /-/api API explorer endpoint could reveal the names of both databases an...

TxtBlog 1.0 Alpha Remote Command Execution Exploit

Exploit for unknown platform in category web applications ================================================== TxtBlog 1.0 Alpha Remote Command Execution Exploit ================================================== !/usr/bin/perl...

TxtBlog 1.0 Alpha - Remote Command Execution

!/usr/bin/perl ----------------------------------------------------------------------------- INFORMATIONS ----------------------------------------------------------------------------- App = TxtBlog v 1.0 Alpha Downl = http://downloads.sourceforge.net/txtblogcms/txtblogcms-1.0a.zip Remote Command...

txtblog-lfi.txt

============================================================ TxtBlog index.php m Local File Inclusion Vulnerability ============================================================ ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...

TxtBlog (index.php m) Local File Inclusion Vulnerability

No description provided by source. ============================================================ TxtBlog index.php m Local File Inclusion Vulnerability ============================================================ ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Undergroun...

Zero CMS 1.0 Alpha Arbitrary File Upload / SQL Injection Vulnerabilities

No description provided by source. | | | / | |\ \ / | / |/ | | | | |/ \ | | / \ \ | \ \ | | | | | \ | |/ \ | | // | || | | | ||| /| / /\ | |||| &...

ZeroCMS 1.0 Alpha - Arbitrary File Upload SQL Injection

ZeroCMS 1.0 Alpha - Arbitrary File Upload SQL Injection | | | / | |\ \ / | / |/ | | | | |/ \ | | | |||| | | /| / / | | Zero CMS Remote Arbitrary File Upload / SQL Injections | | Version: = 1.0 Alpha Last | | Vendor: www.zero-cms.com | | Discovered by: KiNgOfThEwOrLd | | Intro: | | | | An...

CVE-2007-5889

Multiple PHP remote file inclusion vulnerabilities in IDMOS 1.0 Alpha aka Phoenix allow remote attackers to execute arbitrary PHP code via a URL in the siteabsolutepath parameter to 1 admin.php, 2 menuadd.php, and 3 menuoperation.php in administrator/, different vectors than CVE-2007-5294...

CVE-2007-5889

CVE-2007-5889 describes PHP remote file inclusion vulnerabilities in IDMOS 1.0 Alpha (aka Phoenix). The affected components are the admin-facing scripts (admin.php, menu_add.php, menu_operation.php) under the administrator/ path, where a URL passed to site_absolute_path can cause arbitrary PHP co...