
8 matches found

RedhatCVE
added 2026/06/06 6:43 p.m. | 11 views

CVE-2026-46392

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0 of HAX CMS PHP, the saveFile endpoint validates upload extensions case-insensitively and writes the filename to disk verbatim, but the .htaccess rule that forces Content-Disposition: attachment on HTML...

8.7 CVSS | 5.5 AI score | 0.00223 EPSS
Exploits: 0 | References: 1

EUVD
added 2026/06/05 6:20 p.m. | 9 views

EUVD-2026-34883

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0 of HAX CMS PHP, the saveFile endpoint validates upload extensions case-insensitively and writes the filename to disk verbatim, but the .htaccess rule that forces Content-Disposition: attachment on HTML...

8.7 CVSS | 5.5 AI score | 0.01036 EPSS
Exploits: 3 | References: 1

ATTACKERKB
added 2026/06/05 6:20 p.m. | 5 views

CVE-2026-46392

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0 of HAX CMS PHP, the saveFile endpoint validates upload extensions case-insensitively and writes the filename to disk verbatim, but the .htaccess rule that forces Content-Disposition: attachment on HTML...

8.7 CVSS | 5.5 AI score | 0.01036 EPSS
Exploits: 3 | References: 2 | Affected Software: 1

Positive Technologies
added 2026/06/05 12:0 a.m. | 8 views

PT-2026-47029

Name of the Vulnerable Software and Affected Versions: HAX CMS PHP versions prior to 26.0.0. Description: The saveFile endpoint validates upload extensions case-insensitively and writes the filename to disk verbatim. However, the .htaccess rule designed to force Content-Disposition: attachment on HT...

8.7 CVSS | 5.5 AI score | 0.00223 EPSS
Exploits: 0 | References: 4

CVE
added 2026/03/02 5:59 a.m. | 20 views

CVE-2026-2999

CVE-2026-2999 affects IDExpert Windows Logon Agent by Changing. Described vulnerability: unauthenticated remote RCE that enables forcing the system to download and execute arbitrary executables from a remote source. The provided documents do not specify affected versions, root cause details beyon...

9.8 CVSS | 6.2 AI score | 0.00508 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

Packet Storm
added 2018/12/05 12:0 a.m. | 51 views

Microsoft Lync For Mac 2011 Injection

Exploit Title: Microsoft Lync for Mac 2011 Injection Forced Browsing/Download; Author: @nyxgeek - TrustedSec; Date: 2018-03-20; Vendor Homepage: microsoft.com; Software Link: https://www.microsoft.com/en-us/download/details.aspx?id=36517; CVE: CVE-2018-8474; Version: Lync:Mac 2011 14.4.3, likely earlie...

5 CVSS | 7.7 AI score | 0.38177 EPSS
Exploits: 5

myhack58
added 2015/01/31 12:0 a.m. | 14 views

Vulnerability tracking: Flash critical vulnerability (CVE-2015-0311) detailed technical analysis - vulnerability warning - the black bar safety net

You have all had fun with last week's Flash 0day vulnerability. Knowing what it does, one also wants to know why; once tired of playing, sit down and take a look at what causes this vulnerability. Trend Micro recently analyzed the vulnerability in detail, and the author has translated that analysis for readers. Vulnerability contex...

1 AI score
Exploits: 0

myhack58
added 2015/01/28 12:0 a.m. | 24 views

Vulnerability alert: Flash exposure of serious security vulnerabilities, affecting all versions of Windows System, IE and FireFox browsers - bug warning - the black bar safety net

Last week should have been a busy week for Adobe. Although vulnerabilities are already commonplace for Adobe, high-risk vulnerabilities that allow remote execution of malicious code and taking control of the system are not seen often. Critical: remote code execution vulnerability. On Tuesday, Adobe...

1.9 AI score
Exploits: 0