CVE-2026-34579

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior are vulnerable to Authorization Bypass through the private issue monitoring feature . Using a crafted POST request to bugmonitoradd.php, a user with project-level access can add themselves as a monitor for a...

Hackers Exploiting Triofox Flaw to Install Remote Access Tools via Antivirus Feature

Google's Mandiant Threat Defense on Monday said it discovered n-day exploitation of a now-patched security flaw in Gladinet's Triofox file-sharing and remote access platform. The critical vulnerability, tracked as CVE-2025-12480 CVSS score: 9.1, allows an attacker to bypass authentication and...

Drupal Commerce Alphabank Redirect 安全漏洞

Drupal Commerce Alphabank Redirect is a redirect banking tool for the Drupal community. A security vulnerability exists in Drupal Commerce Alphabank Redirect versions prior to 1.0.3 that stems from improper authorization and could lead to feature abuse...

Teltonika Remote Management System 安全漏洞

Teltonika Remote Management System is a remote management system used by Teltonika to manage Teltonika products. A security vulnerability exists in Teltonika Remote Management System versions prior to 5.7, which stems from misuse of the invite feature and could lead to account pre-hijacking...

CVE-2019-10969

Moxa EDR 810, all versions 5.1 and prior, allows an authenticated attacker to abuse the ping feature to execute unauthorized commands on the router, which may allow an attacker to perform remote code execution...

Drupal Single Content Sync 安全漏洞

Drupal Single Content Sync is a module plugin in the Drupal content management system for the Drupal community. A security vulnerability exists in the Drupal plugin Single Content Sync prior to version 1.4.12, which stems from a lack of authorization and could lead to feature abuse...

Webroot Secure Anywhere 安全漏洞

Webroot Secure Anywhere is a comprehensive antivirus program from Webroot USA. A security vulnerability exists in Webroot Secure Anywhere versions prior to 2.1.2.3 that stems from the presence of type confusion, which can lead to feature abuse...

Webroot Secure Anywhere 安全漏洞

Webroot Secure Anywhere is a comprehensive antivirus program from Webroot USA. A security vulnerability exists in Webroot Secure Anywhere versions prior to 2.1.2.3, which stems from the presence of type obfuscation that allows feature abuse...

Webroot Secure Anywhere 安全漏洞

Webroot Secure Anywhere is a comprehensive antivirus program from Webroot USA. A security vulnerability exists in Webroot Secure Anywhere versions prior to 2.1.2.3, which stems from improper checking of anomalies or exceptions that could lead to feature abuse...

Moxa EDR-810 Remote Code Execution Vulnerability

The Moxa EDR-810 is a highly integrated industrial multi-port security router with firewall/NAT/VPN and managed Layer 2 switch functionality. A remote code execution vulnerability exists in the Moxa EDR-810 version 5.1 and earlier. The vulnerability stems from the fact that the product allows an...

Remote code execution

Moxa EDR 810, all versions 5.1 and prior, allows an authenticated attacker to abuse the ping feature to execute unauthorized commands on the router, which may allow an attacker to perform remote code execution...

Path traversal

An issue was discovered in SSHServerAPI.dll in Progress ipswitch WSFTP Server 2018 before 8.6.1. Attackers have the ability to abuse a path traversal vulnerability using the SCP protocol. Attackers who leverage this flaw could also obtain remote code execution by crafting a payload that abuses th...