Authentication Bypass Using an Alternate Path or Channel

Overview Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel via the /api/user/updateuser endpoint. An attacker can gain unauthorized access by exploiting this endpoint to bypass authentication mechanisms. Remediation Upgrade...

PT-2025-40039

An improper access control vulnerability in FormCms v0.5.4 in the /api/schemas/history/schemaId endpoint allows unauthenticated attackers to access historical schema data if a valid schemaId is known or guessed...

CVE-2025-29156

Cross Site Scripting vulnerability in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via a crafted script to the /api/v3/pet...

CVE-2025-29156

Cross Site Scripting vulnerability in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via a crafted script to the /api/v3/pet...

Flag Forge 信息泄露漏洞

Flag Forge is an easy-to-use CTF platform open-sourced by FlagForge. An information disclosure vulnerability exists in Flag Forge versions 2.1.0 through prior to 2.3.0, which stems from an API endpoint where GET /api/problems/:id returns a challenge prompt in plaintext, which could lead to...

Improper Authorization

github.com/mattermost/mattermost-server is vulnerable to Improper Authorization. The vulnerability is due to insufficient validation of authorization for team scheme role modifications, which allows an attacker Team Admins to demote Team Members to Guests via the affected API endpoint...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the externalReferenceCode parameter in the /o/c/ API endpoint. An attacker can execute arbitrary web scripts or inject malicious HTML by supplying crafted input. Details Cross-site scripting or XSS is a code...

CVE-2025-56264

The /api/comment endpoint in zhangyd-c OneBlog 2.3.9 contains a denial-of-service vulnerability...

CVE-2025-56264

The /api/comment endpoint in zhangyd-c OneBlog 2.3.9 contains a denial-of-service vulnerability...

CVE-2025-43802

Stored cross-site scripting XSS vulnerability in a custom object’s /o/c/ API endpoint in Liferay Portal 7.4.3.51 through 7.4.3.109, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 update 51 through update 92, and 7.3 update 33 through update 35. allows remote attackers to inject arbitrary web...

CVE-2025-10371

A security flaw has been discovered in eCharge Hardy Barth Salia PLCC up to 2.3.81. This issue affects some unknown processing of the file /api.php. The manipulation of the argument setrfidlist results in unrestricted upload. The attack may be performed from remote. The exploit has been released ...

CVE-2025-10371

CVE-2025-10371 affects eCharge Hardy Barth Salia PLCC (versions up to 2.3.81, and 2.2.0 cited in PTSecurity) with a vulnerability in the API endpoint /api.php. The issue allows manipulation of the setrfidlist parameter to achieve unrestricted file uploads, and can be exploited remotely. Public Po...

CVE-2025-54123

Hoverfly is an open source API simulation tool. In versions 1.11.3 and prior, the middleware functionality in Hoverfly is vulnerable to command injection vulnerability at /api/v2/hoverfly/middleware endpoint due to insufficient validation and sanitization in user input. The vulnerability exists i...

CVE-2025-55976

Intelbras IWR 3000N 1.9.8 exposes the Wi-Fi password in plaintext via the /api/wireless endpoint. Any unauthenticated user on the local network can directly obtain the Wi-Fi network password by querying this endpoint...

Mattermost Server 9.11.x < 9.11.18 / 10.5.x < 10.5.9 / 10.10.0 Incorrect Authorization (MMSA-2025-00485)

The version of Mattermost Server installed on the remote host is affected by a vulnerability as referenced in the MMSA-2025-00485 advisory. - Mattermost versions 10.5.x = 10.5.8, 9.11.x = 9.11.17 fail to properly validate authorization for team scheme role modifications which allows Team Admins t...

CVE-2025-6088

CVE-2025-6088 affects danny-avila/librechat. In version 0.7.8, improper authorization on the conversation sharing endpoint /api/share/conversationID allows a logged-in user to read other users’ conversations when the conversation ID is known. UUIDv4 IDs are server-side but can leak via logs, hist...

CVE-2025-54123

Hoverfly (versions

CVE-2025-56413

OS Command injection vulnerability in function OperateSSH in 1panel 2.0.8 allowing attackers to execute arbitrary commands via the operation parameter to the /api/v2/hosts/ssh/operate endpoint...

CVE-2025-8311

dotCMS versions 24.03.22 and after, identified a Boolean-based blind SQLi vulnerability in the /api/v1/contenttype endpoint. This endpoint uses the sites query parameter, which accepts a comma-separated list of site identifiers or keys. The vulnerability was triggered via the sites parameter, whi...

CVE-2025-20270

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to obtain sensitive information from an affected system. This vulnerability is due to improper validation of reques...