Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8062 matches found

Positive Technologies
Positive Technologiesadded 2026/04/20 12:0 a.m.3 views

PT-2026-33716

A vulnerability has been found in liangliangyy DjangoBlog up to 2.1.0.0. The impacted element is an unknown function of the file djangoblog/settings.py of the component Setting Handler. Such manipulation of the argument USER/PASSWORD leads to hard-coded credentials. The attack may be launched...

6.3CVSS5.1AI score0.00274EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/04/20 12:0 a.m.3 views

PT-2026-33718

A vulnerability was found in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the component File Upload Endpoint. Performing a manipulation of the argument SECRET KEY results in use of hard-coded cryptographic key . Remote exploitation ...

3.1CVSS4.9AI score0.00248EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/04/20 12:0 a.m.2 views

PT-2026-33696

SD-330AC and AMC Manager provided by silex technology, Inc. use a hard-coded cryptographic key. An administrative user may be directed to apply a fake firmware update...

6.9CVSS5.7AI score0.00228EPSS
Exploits0References4
NVD
NVDadded 2026/04/19 11:16 p.m.2 views

CVE-2026-6580

A security vulnerability has been detected in liangliangyy DjangoBlog up to 2.1.0.0. Affected is an unknown function of the file owntracks/views.py of the component Amap API Call Handler. Such manipulation of the argument key leads to use of hard-coded cryptographic key . The attack may be launch...

7.5CVSS0.00284EPSS
Exploits0References4
NVD
NVDadded 2026/04/19 10:16 p.m.2 views

CVE-2026-6578

A security flaw has been discovered in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the component Setting Handler. The manipulation of the argument SECRETKEY results in hard-coded credentials. The attack can be launched remotely. Th...

6.3CVSS0.00323EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/04/19 10:15 p.m.19 views

CVE-2026-6580 liangliangyy DjangoBlog Amap API Call views.py hard-coded key

A security vulnerability has been detected in liangliangyy DjangoBlog up to 2.1.0.0. Affected is an unknown function of the file owntracks/views.py of the component Amap API Call Handler. Such manipulation of the argument key leads to use of hard-coded cryptographic key . The attack may be launch...

7.5CVSS0.00284EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/04/19 10:15 p.m.1 views

CVE-2026-6580

A security vulnerability has been detected in liangliangyy DjangoBlog up to 2.1.0.0. Affected is an unknown function of the file owntracks/views.py of the component Amap API Call Handler. Such manipulation of the argument key leads to use of hard-coded cryptographic key . The attack may be launch...

7.5CVSS5.3AI score0.00284EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/19 10:15 p.m.1 views

CVE-2026-6580 liangliangyy DjangoBlog Amap API Call views.py hard-coded key

A security vulnerability has been detected in liangliangyy DjangoBlog up to 2.1.0.0. Affected is an unknown function of the file owntracks/views.py of the component Amap API Call Handler. Such manipulation of the argument key leads to use of hard-coded cryptographic key . The attack may be launch...

7.5CVSS6.6AI score0.00284EPSS
Exploits0References4
CVE
CVEadded 2026/04/19 10:15 p.m.10 views

CVE-2026-6580

The CVE describes a vulnerability in liangliangyy DjangoBlog (up to 2.1.0.0) affecting an unknown function in owntracks/views.py within the Amap API Call Handler. The issue arises from manipulation of the argument key that causes the use of a hard-coded cryptographic key. It can be exploited remo...

7.5CVSS6.6AI score0.00284EPSS
Exploits0References4
CVE
CVEadded 2026/04/19 9:15 p.m.7 views

CVE-2026-6578

Summary: CVE-2026-6578 affects the DjangoBlog app by liangliangyy up to version 2.1.0.0. The issue is located in djangoblog/settings.py (Setting Handler) where manipulating the SECRET_KEY leads to hard-coded credentials. It is possible to launch an attack remotely with high complexity, and the ex...

6.3CVSS5.5AI score0.00323EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/04/19 9:15 p.m.30 views

CVE-2026-6578 liangliangyy DjangoBlog Setting settings.py hard-coded credentials

A security flaw has been discovered in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the component Setting Handler. The manipulation of the argument SECRETKEY results in hard-coded credentials. The attack can be launched remotely. Th...

6.3CVSS0.00323EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/04/19 9:15 p.m.1 views

CVE-2026-6578

A security flaw has been discovered in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the component Setting Handler. The manipulation of the argument SECRETKEY results in hard-coded credentials. The attack can be launched remotely. Th...

6.3CVSS5.2AI score0.00323EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/19 9:15 p.m.5 views

CVE-2026-6578 liangliangyy DjangoBlog Setting settings.py hard-coded credentials

A security flaw has been discovered in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the component Setting Handler. The manipulation of the argument SECRETKEY results in hard-coded credentials. The attack can be launched remotely. Th...

6.3CVSS5.2AI score0.00323EPSS
Exploits0References4
EUVD
EUVDadded 2026/04/19 3:30 p.m.2 views

EUVD-2026-23705

A vulnerability has been found in osuuu LightPicture up to 1.2.2. This issue affects some unknown processing of the file /public/install/lp.sql of the component API Upload Endpoint. Such manipulation of the argument key leads to hard-coded credentials. The attack may be performed from remote. The...

7.5CVSS6.5AI score0.00284EPSS
Exploits0References5
NVD
NVDadded 2026/04/19 2:16 p.m.5 views

CVE-2026-6574

A vulnerability has been found in osuuu LightPicture up to 1.2.2. This issue affects some unknown processing of the file /public/install/lp.sql of the component API Upload Endpoint. Such manipulation of the argument key leads to hard-coded credentials. The attack may be performed from remote. The...

7.5CVSS0.00284EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/04/19 1:30 p.m.31 views

CVE-2026-6574 osuuu LightPicture API Upload Endpoint lp.sql hard-coded credentials

A vulnerability has been found in osuuu LightPicture up to 1.2.2. This issue affects some unknown processing of the file /public/install/lp.sql of the component API Upload Endpoint. Such manipulation of the argument key leads to hard-coded credentials. The attack may be performed from remote. The...

7.5CVSS0.00284EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/04/19 1:30 p.m.0 views

CVE-2026-6574

A vulnerability has been found in osuuu LightPicture up to 1.2.2. This issue affects some unknown processing of the file /public/install/lp.sql of the component API Upload Endpoint. Such manipulation of the argument key leads to hard-coded credentials. The attack may be performed from remote. The...

7.5CVSS5.2AI score0.00284EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/19 1:30 p.m.3 views

CVE-2026-6574 osuuu LightPicture API Upload Endpoint lp.sql hard-coded credentials

A vulnerability has been found in osuuu LightPicture up to 1.2.2. This issue affects some unknown processing of the file /public/install/lp.sql of the component API Upload Endpoint. Such manipulation of the argument key leads to hard-coded credentials. The attack may be performed from remote. The...

7.5CVSS6.5AI score0.00284EPSS
Exploits0References4
CVE
CVEadded 2026/04/19 1:30 p.m.13 views

CVE-2026-6574

CVE-2026-6574 affects osuuu LightPicture

7.5CVSS6.5AI score0.00284EPSS
Exploits0References4
CNNVD
CNNVDadded 2026/04/19 12:0 a.m.5 views

DjangoBlog 安全漏洞

DjangoBlog is a blog system developed by liangliangyy using Django. Versions of DjangoBlog 2.1.0.0 and earlier had security vulnerabilities. These vulnerabilities stemmed from the use of the parameter SECRETKEY in the file djangoblog/settings.py, which resulted in hard-coded credentials,...

6.3CVSS6.2AI score0.00323EPSS
Exploits0References1
Rows per page
Query Builder