4 matches found
CVE-2026-32757 Admidio: HTMLPurifier Bypass in eCard Message Allows HTML Email Injection
Admidio is an open-source user management solution. In versions 5.0.6 and below, the eCard send handler uses a raw $_POST['ecard_message'] value instead of the HTMLPurifier-sanitized $formValues['ecard_message'] when constructing the greeting card HTML. This allows an authenticated attacker to inject...
Exploit for SQL Injection in Tyk
Disclaimer For educational purpose only! Details Proof of...
Exploit for SQL Injection in Tyk
Disclaimer For educational purpose only! Details Proof of...
Debian DLA-2117-1 : zsh security update
A privilege escalation vulnerability was discovered in zsh, a shell with lots of features, whereby a user could regain a formerly elevated privilege level even when such an action should not be permitted. For Debian 8 'Jessie', this problem has been fixed in version 5.0.7-5+deb8u1. We recommend...