Exploit for Authentication Bypass Using an Alternate Path or Channel in Sangoma Freepbx

CVE-2025-57819 — FreePBX Unauthenticated SQLi → RCE One-shot...

CVE-2026-45661

Dokploy

CVE-2026-45661

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.26.5 and earlier, a critical path traversal vulnerability exists in Dokploy v0.26.5 that allows authenticated users to write arbitrary files to the filesystem during application deployment. When combined with Dokploy's remote serve...

PT-2026-44938

Name of the Vulnerable Software and Affected Versions Dokploy versions prior to 0.26.6 Description Dokploy is a self-hostable Platform as a Service PaaS containing a path traversal issue. This allows authenticated users to write arbitrary files to the filesystem during application deployment. Whe...

CVE-2026-41472

CyberPanel versions prior to 2.4.4 contain a stored cross-site scripting vulnerability in the AI Scanner dashboard where the POST /api/ai-scanner/callback endpoint lacks authentication and allows unauthenticated attackers to inject malicious JavaScript by overwriting the findingsjson field of...

CVE-2026-34783

Ferret is a declarative system for working with web data. Prior to 2.0.0-alpha.4, a path traversal vulnerability in Ferret's IO::FS::WRITE standard library function allows a malicious website to write arbitrary files to the filesystem of the machine running Ferret. When an operator scrapes a...

EUVD-2026-19353

Ferret is a declarative system for working with web data. Prior to 2.0.0-alpha.4, a path traversal vulnerability in Ferret's IO::FS::WRITE standard library function allows a malicious website to write arbitrary files to the filesystem of the machine running Ferret. When an operator scrapes a...

CVE-2026-34783 Ferret has a Path Traversal in IO::FS::WRITE allows arbitrary file write when scraping malicious websites

Ferret is a declarative system for working with web data. Prior to 2.0.0-alpha.4, a path traversal vulnerability in Ferret's IO::FS::WRITE standard library function allows a malicious website to write arbitrary files to the filesystem of the machine running Ferret. When an operator scrapes a...

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web shells on Linux servers and to achieve remote code execution, according to findings from the Microsoft Defender Security Research Team. "Instead of exposing command execution through URL parameters or request...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the IO::FS::WRITE function. An attacker can write arbitrary files to unintended locations on the filesystem with attacker-controlled content by supplying crafted filenames containing traversal sequences, which ar...

PT-2026-29811

Summary A path traversal vulnerability in Ferret's IO::FS::WRITE standard library function allows a malicious website to write arbitrary files to the filesystem of the machine running Ferret. When an operator scrapes a website that returns filenames containing ../ sequences, and uses those...

Wallos 代码问题漏洞

Wallos is an open-source personal subscription tracker developed by Miguel Ribeiro. Versions of Wallos prior to 4.7.0 had code vulnerabilities. These vulnerabilities stemmed from incomplete SSRF protections, and the save endpoint did not apply the validatewebhookurlforssrf protection. This allowe...

linux-privilege-escalation-oscp-guide

🔥 Cyber Public School – Linux Privilege Escalation Ultra Guide...

CVE-2025-11725

The Aruba HiSpeed Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability checks on the multiple functions in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to modify plugin's configuration settings,...

CVE-2025-11725

The Aruba HiSpeed Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability checks on the multiple functions in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to modify plugin's configuration settings,...

CVE-2025-11725

The CVE-2025-11725 entry concerns the Aruba HiSpeed Cache WordPress plugin, affected up to version 3.0.2. The vulnerability arises from missing capability checks in multiple functions, allowing unauthenticated attackers to modify the plugin’s configuration settings and enable/disable features. Im...

PT-2026-20574

Name of the Vulnerable Software and Affected Versions Aruba HiSpeed Cache versions up to and including 3.0.2 Description The Aruba HiSpeed Cache plugin for WordPress is susceptible to unauthorized data modification because of absent capability checks in several functions. This allows...

LinuxPrivEscToolkit

🛡️ Linux Privilege Escalation Toolkit !Pythonhttps://img.s...

CVE-2026-25539 SiYuan has Arbitrary File Write via /api/file/copyFile leading to RCE

SiYuan is a personal knowledge management system. Prior to version 3.5.5, the /api/file/copyFile endpoint does not validate the dest parameter, allowing authenticated users to write files to arbitrary locations on the filesystem. This can lead to Remote Code Execution RCE by writing to sensitive...

📄 FreePBX Endpoint SQL Injection / Remote Code Execution

FreePBX is an open-source IP PBX management tool that provides a modern phone system for businesses that use VoIP to make and receive phone calls. Versions before 16.0.44 and 17.0.23 are vulnerable to CVE-2025-66039, while versions before 16.0.92 and 17.0.6 are vulnerable to CVE-2025-61675. The...