CVE-2026-4270

Improper Protection of Alternate Path exists in the no-access and workdir feature of the AWS API MCP Server versions = 0.2.14 and 1.3.9 on all platforms may allow the bypass of intended file access restriction and expose arbitrary local file contents in the MCP client application context. To...

EUVD-2026-12474

AWS API MCP File Access Restriction Bypass...

Exposed Dangerous Method or Function

Overview Affected versions of this package are vulnerable to Exposed Dangerous Method or Function in the Code node when running in legacy JavaScript execution mode. An attacker can access or modify files on the host system with the same privileges as the application process by invoking internal...

PT-2025-53606

Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.0.0 Description n8n is a workflow automation platform. In self-hosted instances before version 2.0.0, when the Code node operates in legacy JavaScript execution mode, authenticated users with workflow editing permission...

EUVD-2020-0918

Malware in sbrugna...

EUVD-2017-2811

Malware in sbrugna...

EUVD-2013-0490

Malware in sbrugna...

EUVD-2023-58099

Malicious code in bioql PyPI...

PT-2025-32503 · Linksys · Linksys Re9000 +5

Name of the Vulnerable Software and Affected Versions: Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 versions up to 20250801 Description: A vulnerability exists due to os command injection. The RP setBasicAuto function within the /goform/RP setBasicAuto file is affected. Manipulation ...

PT-2025-31607 · Unknown · Projectworlds Online Admission System

Name of the Vulnerable Software and Affected Versions: projectworlds Online Admission System version 1.0 Description: A vulnerability exists in projectworlds Online Admission System version 1.0 related to SQL injection. The issue is located in an unknown functionality of the file /viewdoc.php...

PT-2025-29542 · WordPress · Restrict File Access

Name of the Vulnerable Software and Affected Versions: Restrict File Access plugin for WordPress versions up to and including 1.1.2 Description: The Restrict File Access plugin for WordPress is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation on the...

PT-2025-29334 · Phpgurukul · Phpgurukul Vehicle Parking Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Vehicle Parking Management System version 1.13 Description: A critical issue exists in PHPGurukul Vehicle Parking Management System 1.13. The vulnerability is due to a SQL injection flaw within the /users/print.php file. Manipulati...

PT-2025-28956 · Evesys · Evesys

Name of the Vulnerable Software and Affected Versions: evesys versions 7.1 2152 through 8.0 2202 Description: The software contains a reflected cross-site scripting XSS issue. The issue is located in the indexeva.php file through the action parameter. Recommendations: evesys versions prior to 7.1...

PT-2025-28487 · Unknown · Code-Projects Library System

Name of the Vulnerable Software and Affected Versions: code-projects Library System version 1.0 Description: A critical issue has been found in the code-projects Library System. The problem affects an unknown part of the file /user/teacher/books.php. The manipulation of the Search argument leads ...

PT-2025-28335 · Unknown · Phpgurukul/Campcodes Cyber Cafe Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul/Campcodes Cyber Cafe Management System version 1.0 Description: A critical issue has been found in the system, affecting an unknown functionality of the file /index.php. The manipulation of the Username argument leads to SQL...

PT-2025-28358 · Unknown · Code-Projects Crime Reporting System

Name of the Vulnerable Software and Affected Versions: code-projects Crime Reporting System version 1.0 Description: A critical issue affects the processing of the file /userlogin.php. The manipulation of the email argument leads to SQL injection. The attack can be initiated remotely...

PT-2025-28332 · Unknown · Phpgurukul Zoo Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Zoo Management System version 2.1 Description: A critical issue has been found in the PHPGurukul Zoo Management System, affecting the file /admin/add-foreigners-ticket.php. The manipulation of the cprice argument leads to SQL...

PT-2025-28481 · Unknown · Campcodes Sales/Inventory System

Name of the Vulnerable Software and Affected Versions: Campcodes Sales and Inventory System version 1.0 Description: A critical issue was found in the system, affecting some unknown functionality of the file "/pages/customer account.php". The manipulation of the Customer argument leads to SQL...

PT-2025-28326 · Unknown · Phpgurukul Zoo Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Zoo Management System version 2.1 Description: A critical issue has been found in the PHPGurukul Zoo Management System. The problem affects an unknown functionality of the file /admin/manage-normal-ticket.php. The manipulation of t...

PT-2025-28327 · Unknown · Phpgurukul Zoo Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Zoo Management System version 2.1 Description: A critical issue affects an unknown functionality of the file /admin/manage-animals.php. The manipulation of the ID argument leads to SQL injection. This issue can be exploited remotel...