58811 matches found

Cvelist
added 2026/04/24 8:40 p.m. | 30 views

CVE-2026-41473 CyberPanel < 2.4.4 Unauthenticated API Access via AI Scanner Endpoints

CyberPanel versions prior to 2.4.4 contain an authentication bypass vulnerability in the AI Scanner worker API endpoints that allows unauthenticated remote attackers to write arbitrary data to the database by sending requests to the /api/ai-scanner/status-webhook and /api/ai-scanner/callback...

CVSS 8.8 | EPSS 0.01386
Exploits: 1 | References: 3
Vulnrichment
added 2026/04/24 8:40 p.m. | 0 views

CVE-2026-41472 CyberPanel < 2.4.4 Stored XSS via AI Scanner Dashboard

CyberPanel versions prior to 2.4.4 contain a stored cross-site scripting vulnerability in the AI Scanner dashboard where the POST /api/ai-scanner/callback endpoint lacks authentication and allows unauthenticated attackers to inject malicious JavaScript by overwriting the findings_json field of...

CVSS 5.3 | AI score 6.1 | EPSS 0.00294
Exploits: 1 | References: 3
ATTACKERKB
added 2026/04/24 8:40 p.m. | 2 views

CVE-2026-41472

CyberPanel versions prior to 2.4.4 contain a stored cross-site scripting vulnerability in the AI Scanner dashboard where the POST /api/ai-scanner/callback endpoint lacks authentication and allows unauthenticated attackers to inject malicious JavaScript by overwriting the findings_json field of...

CVSS 5.3 | AI score 6.1 | EPSS 0.00294
Exploits: 1 | References: 4
CVE
added 2026/04/24 8:40 p.m. | 4 views

CVE-2026-41472

CVE-2026-41472 affects CyberPanel versions prior to 2.4.4. The stored XSS occurs in the AI Scanner dashboard via POST /api/ai-scanner/callback where no authentication is required, allowing an attacker to overwrite the findings_json field in ScanHistory records and inject JavaScript. The injected ...

CVSS 6.1 | AI score 6.1 | EPSS 0.00294
Exploits: 1 | References: 3 | Affected Software: 1
EUVD
added 2026/04/24 8:40 p.m. | 2 views

EUVD-2026-25630

CyberPanel versions prior to 2.4.4 contain a stored cross-site scripting vulnerability in the AI Scanner dashboard where the POST /api/ai-scanner/callback endpoint lacks authentication and allows unauthenticated attackers to inject malicious JavaScript by overwriting the findings_json field of...

CVSS 5.3 | AI score 6.1 | EPSS 0.00294
Exploits: 1 | References: 3
Cvelist
added 2026/04/24 8:40 p.m. | 24 views

CVE-2026-41472 CyberPanel < 2.4.4 Stored XSS via AI Scanner Dashboard

CyberPanel versions prior to 2.4.4 contain a stored cross-site scripting vulnerability in the AI Scanner dashboard where the POST /api/ai-scanner/callback endpoint lacks authentication and allows unauthenticated attackers to inject malicious JavaScript by overwriting the findings_json field of...

CVSS 5.3 | EPSS 0.00294
Exploits: 1 | References: 3
GithubExploit
added 2026/04/24 10:16 a.m. | 83 views

Black-Oracle

🖤 BLACK ORACLE 🖤 «The Eye That Sees Through Digital...

AI score 5.7
Exploits: 0
GithubExploit
added 2026/04/24 8:20 a.m. | 98 views

Nexusuite

Nexusuite Next-Gen Autonomous Pentesting Suite. Scan targets w...

AI score 5.6
Exploits: 0
Positive Technologies
added 2026/04/24 12:00 a.m. | 3 views

PT-2026-35083

Name of the Vulnerable Software and Affected Versions: CyberPanel versions prior to 2.4.4. Description: A stored cross-site scripting issue exists in the AI Scanner dashboard. The endpoint '/api/ai-scanner/callback' does not require authentication, allowing unauthenticated attackers to inject...

CVSS 5.3 | AI score 5.8 | EPSS 0.00294
Exploits: 1 | References: 6
CNNVD
added 2026/04/24 12:00 a.m. | 5 views

CyberPanel Access Control Error Vulnerability

CyberPanel is a virtual hosting control panel developed by Usman Nasir, which includes DNS and email servers. Versions of CyberPanel prior to 2.4.4 contained an access control vulnerability. This vulnerability stemmed from an authentication bypass in the AI Scanner worker API endpoints, allowing...

CVSS 9.1 | AI score 6 | EPSS 0.01386
Exploits: 1 | References: 1
CNNVD
added 2026/04/24 12:00 a.m. | 6 views

CyberPanel Cross-Site Scripting Vulnerability

CyberPanel is a virtual hosting control panel developed by Usman Nasir, which includes DNS and email servers. Versions of CyberPanel prior to 2.4.4 had a cross-site scripting vulnerability. This vulnerability originated from a stored cross-site scripting vulnerability in the AI Scanner...

CVSS 6.1 | AI score 5.6 | EPSS 0.00294
Exploits: 1 | References: 1
Tenable Nessus
added 2026/04/24 12:00 a.m. | 0 views

Fedora 42 : flatpak-builder (2026-631b9d535c)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-631b9d535c advisory. This update includes a fix for CVE-2026-39977. See also: the upstream advisory. Tenable has extracted the preceding description block directly from the Fedora...

CVSS 7.1 | AI score 5.5 | EPSS 0.00035
Exploits: 1 | References: 2
Positive Technologies
added 2026/04/24 12:00 a.m. | 1 views

PT-2026-35084

Name of the Vulnerable Software and Affected Versions: CyberPanel versions prior to 2.4.4. Description: An authentication bypass in the AI Scanner worker API endpoints allows unauthenticated remote attackers to write arbitrary data to the database. This is achieved by sending requests to the endpoin...

CVSS 9.1 | AI score 5.7 | EPSS 0.01386
Exploits: 1 | References: 10
Packet Storm News
added 2026/04/24 12:00 a.m. | 2 views

MetInfo CMS 8.1 WeChat Module Vulnerability Detection Scanner

This Metasploit auxiliary module is a non-exploit vulnerability detection scanner designed to assess potential security weaknesses in the MetInfo CMS WeChat module, specifically related to weixinreply.class.php handling logic...

CVSS 9.8 | AI score 5.2 | EPSS 0.32087
Exploits: 4
Wordfence Blog
added 2026/04/23 3:44 p.m. | 4 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 13, 2026 to April 19, 2026)

Last week, there were 139 vulnerabilities disclosed in 118 WordPress Plugins and 10 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 85 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilitie...

AI score 6
Exploits: 0
GithubExploit
added 2026/04/23 9:08 a.m. | 63 views

web-vulnerability-scanner

web-vulnerability-scanner This Reposito...

AI score 5.8
Exploits: 0
EUVD
added 2026/04/22 6:31 p.m. | 1 views

EUVD-2018-21782

Angry IP Scanner 3.5.3 contains a buffer overflow vulnerability in the preferences dialog that allows local attackers to crash the application by supplying an excessively large string. Attackers can generate a file containing a massive buffer of repeated characters and paste it into the unavailab...

CVSS 6.9 | AI score 6.1 | EPSS 0.00016
Exploits: 1 | References: 4
EUVD
added 2026/04/22 6:31 p.m. | 1 views

EUVD-2018-21779

Angry IP Scanner for Linux 3.5.3 contains a denial of service vulnerability that allows local attackers to crash the application by supplying malformed input to the port selection field. Attackers can craft a malicious string containing buffer overflow patterns and paste it into the Preferences...

CVSS 6.9 | AI score 6 | EPSS 0.00016
Exploits: 1 | References: 4
NVD
added 2026/04/22 4:16 p.m. | 1 views

CVE-2018-25266

Angry IP Scanner 3.5.3 contains a buffer overflow vulnerability in the preferences dialog that allows local attackers to crash the application by supplying an excessively large string. Attackers can generate a file containing a massive buffer of repeated characters and paste it into the unavailab...

CVSS 6.9 | EPSS 0.00016
Exploits: 1 | References: 3
NVD
added 2026/04/22 4:16 p.m. | 2 views

CVE-2018-25262

Angry IP Scanner for Linux 3.5.3 contains a denial of service vulnerability that allows local attackers to crash the application by supplying malformed input to the port selection field. Attackers can craft a malicious string containing buffer overflow patterns and paste it into the Preferences...

CVSS 6.9 | EPSS 0.00016
Exploits: 1 | References: 3