scaffold-mcp 路径遍历漏洞

Scaffold-mcp is a scaffolding tool developed by AgiFlow for quickly building model context protocols. Versions of scaffold-mcp 1.0.27 and earlier contained a path traversal vulnerability. This vulnerability stemmed from the filepath parameter in the packages/scaffold-mcp/src/server/index.ts file...

PromptX 路径遍历漏洞

PromptX is an open-source AI role creation and intelligent tool development platform based on the MCP protocol by Deepractice. Versions of PromptX 2.4.0 and earlier contained a path traversal vulnerability. This vulnerability stemmed from the path parameters of the functions readdocx, readxlsx,...

PT-2026-35711

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects an unknown function of the file /view prod.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...

SourceCodester Pizzafy Ecommerce System 注入漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System has a SQL injection vulnerability. This vulnerability arises from the parameter ID operation in the function deletecategory within th...

PT-2026-35684

Name of the Vulnerable Software and Affected Versions Totolink A8000RU version 7.1cu.643 b20200521 Description A remote OS command injection exists in the CGI Handler component. The issue occurs within the setVpnAccountCfg function of the '/cgi-bin/cstecgi.cgi' endpoint when manipulating the User...

SourceCodester Pizzafy Ecommerce System 注入漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System has a SQL injection vulnerability. This vulnerability stems from the e-mail parameter in the Login function of the...

PT-2026-35670

A vulnerability was found in SourceCodester Safety Anger Pad 1.0. The affected element is an unknown function. The manipulation of the argument angerDisplay results in cross site scripting. The attack may be performed from remote. The exploit has been made public and could be used...

SourceCodester Pizzafy Ecommerce System 注入漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System has a SQL injection vulnerability. This vulnerability stems from the e-mail parameter in the login2 function of the...

SourceCodester Pizzafy Ecommerce System 注入漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System has a SQL injection vulnerability. This vulnerability stems from the ID parameter in the getcartcount function of the...

XXL-JOB 安全漏洞

XXL-JOB is a distributed task scheduling platform developed by xuxueli. Versions of XXL-JOB 3.3.2 and earlier contain security vulnerabilities. These vulnerabilities stem from improper control of resource identifiers due to the parameter logId in the function logDetailCat of the Execution Log...

CVE-2026-40355

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parsenegomessage...

XXL-JOB 加密问题漏洞

XXL-JOB is a distributed task scheduling platform developed by xuxueli as an individual project. Versions of XXL-JOB 3.3.2 and earlier contained a security vulnerability related to encryption. This vulnerability stemmed from an unknown function parameter in the component’s OpenAPI Endpoint,...

EUVD-2026-25934

A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=saveproduct. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVE-2026-7194

A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=saveproduct. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVE-2026-7183 aligungr UERANSIM Radio Link Simulation Layer rls_pdu.cpp DecodeRlsMessage uncaught exception

A vulnerability has been found in aligungr UERANSIM up to 3.2.7. The affected element is the function rls::DecodeRlsMessage in the library src/lib/rls/rlspdu.cpp of the component Radio Link Simulation Layer. The manipulation of the argument pduLength leads to uncaught exception. The attack may be...

CVE-2026-7178 ChatGPTNextWeb NextChat Artifacts Endpoint route.ts storeUrl server-side request forgery

A weakness has been identified in ChatGPTNextWeb NextChat up to 2.16.1. This affects the function storeUrl of the file app/api/artifacts/route.ts of the component Artifacts Endpoint. This manipulation of the argument ID causes server-side request forgery. It is possible to initiate the attack...

CVE-2026-7178

ChatGPTNextWeb NextChat (up to version 2.16.1) contains a vulnerability in the Artifacts Endpoint: the storeUrl function in app/api/artifacts/route.ts can be manipulated via the argument ID to trigger server-side request forgery. This flaw is exploitable remotely over the network; exploitation ap...

Directory Traversal

Overview kaggle-mcp is an A MCP server for kaggle apis Affected versions of this package are vulnerable to Directory Traversal via the preparekaggledataset function in src/kagglemcp/server.py when processing the competitionid argument. An attacker can access arbitrary files on the server by...

CVE-2026-7158 dmitryglhf mcp-url-downloader server.py _validate_url_safe server-side request forgery

A vulnerability has been found in dmitryglhf mcp-url-downloader up to 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6. Affected by this issue is the function validateurlsafe of the file src/mcpurldownloader/server.py. Such manipulation of the argument url leads to server-side request forgery. The attack...

CVE-2026-7156 Totolink A8000RU CGI cstecgi.cgi CsteSystem os command injection

A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument HTTP results in os command injection. The attack may be launched remotely. The exploit is now...