CVE-2026-7401

A vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=register of the component Registration. The manipulation of the argument studentid/fullname/section/username results ...

Exploit for CVE-2025-7401

CVE-2025-7401 Premium Age Verification / Restriction for WordP...

CVE-2025-7401

creationtimestamp| type| source ---|---|--- 2025-10-07 18:41:25+00:00| seen| https://sploitus.com/exploit?id=DEE2BD3C-D6DC-5F41-86F0-F6CB2A7ED5E9&utmsource=rss&utmmedium=rss 2025-10-07 18:41:25+00:00| seen|...

Linux Distros Unpatched Vulnerability : CVE-2013-7401

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The parserequest function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service crash via a URI without a or ? character in an ICAP...

CVE-2025-7401

The Premium Age Verification / Restriction for WordPress plugin for WordPress is vulnerable to arbitrary file read and write due to the existence of an insufficiently protected remote support functionality in remotetunnel.php in all versions up to, and including, 3.0.2. This makes it possible for...

CVE-2025-7401

The CVE-2025-7401 entry concerns the Premium Age Verification / Restriction for WordPress plugin (vulnerable up to 3.0.2). A remote_tunnel.php endpoint with insufficient access protection enables unauthenticated attackers to read from and write to arbitrary files on the affected site’s server, po...

CVE-2025-7401 Premium Age Verification / Restriction for WordPress <= 3.0.2 - Unauthenticated Arbitrary File Read and Write via remote_tunnel.php

The Premium Age Verification / Restriction for WordPress plugin for WordPress is vulnerable to arbitrary file read and write due to the existence of an insufficiently protected remote support functionality in remotetunnel.php in all versions up to, and including, 3.0.2. This makes it possible for...

CVE-2025-7401 Premium Age Verification / Restriction for WordPress <= 3.0.2 - Unauthenticated Arbitrary File Read and Write via remote_tunnel.php

The Premium Age Verification / Restriction for WordPress plugin for WordPress is vulnerable to arbitrary file read and write due to the existence of an insufficiently protected remote support functionality in remotetunnel.php in all versions up to, and including, 3.0.2. This makes it possible for...

RHEL 6 : python-django (RHSA-2016:2038)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:2038 advisory. Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as...

CVE-2024-7401

creationtimestamp| type| source ---|---|--- 2024-08-26 19:39:59+00:00| seen| https://t.me/cvedetector/4189 2025-07-21 14:39:31+00:00| seen| https://bsky.app/profile/r-blueteamsec.bsky.social/post/3lui7ssr7q727 2025-07-22 07:26:42+00:00| seen|...

CVE-2024-7401 Client Enrollment Process Bypass

Netskope was notified about a security gap in Netskope Client enrollment process where NSClient is using a static token “Orgkey” as authentication parameter. Since this is a static token, if leaked, cannot be rotated or revoked. A malicious actor can use this token to enroll NSClient from a...

CVE-2024-7401 Client Enrollment Process Bypass

Netskope was notified about a security gap in Netskope Client enrollment process where NSClient is using a static token “Orgkey” as authentication parameter. Since this is a static token, if leaked, cannot be rotated or revoked. A malicious actor can use this token to enroll NSClient from a...

Malicious code in wlwz-2312-7401 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 44e8ca9f8d568720d62fdbea947cae78ec68f2f742a3d77c3eb431b0b51d9cbb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Ubuntu: Security Advisory (USN-4793-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Backdoor.Win32.Delf.eg MVID-2022-0647 Remote Command Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/de6220a8e8fcbbee9763fb10e0ca23d7.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Delf.eg Vulnerability: Unauthenticated Remote Command Execution Description...

Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - nginx (CVE-2018-16844, CVE-2018-16845, CVE-2018-16843, CVE-2019-7401)

Summary Security Vulnerabilities affect IBM Cloud Private - nginx Vulnerability Details CVEID: CVE-2018-16844 DESCRIPTION: nginx is vulnerable to a denial of service, caused by a flaw when complied with ngxhttpv2module. By sending a specially-crafted HTTP/2 request, a remote attacker could exploi...

Mageia: Security Advisory (MGASA-2014-0530)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2016-0334)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Aspera Web Shares application is affected by NGINX Vulnerabilities (CVE-2018-16845, CVE-2018-16843, CVE-2019-7401)

Summary IBM Aspera Shares has addressed the following OpenSSL vulnerabilities. Vulnerability Details CVEID: CVE-2019-7401 DESCRIPTION: NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based buffer overflow in the router process with a specially crafted request. This may result in a...

NGINX Unit 0.x > 0.3 / 1.x < 1.7.1 Heap Buffer Overflow (CVE-2019-7401)

According to the self-reported version in its response header, the version of NGINX Unit hosted on the remote web server is 0.x later than 0.3 or 1.x prior to 1.7.1. It is, therefore, affected by a heap buffer overflow vulnerability in the router process. An unauthenticated, remote attacker can...