
8 matches found

CVE
added yesterday | 7 views

CVE-2026-56073

CVE-2026-56073 affects Cap-go before 12.128.2. An authentication bypass in OTP verification lets an attacker bypass email verification by manipulating server responses, intercepting OTP requests and falsely marking verification as successful. This enables unauthorized 2FA enablement and potential...

9.4 CVSS | 5.9 AI score
Exploits 0 | References 2
NVD
added 2026/04/29 9:16 a.m. | 2 views

CVE-2026-42513

This vulnerability exists in e-Sushrut due to improper authentication logic that relies on client-side response parameters to determine authentication status. A remote attacker could exploit this vulnerability by intercepting and modifying the server response. Successful exploitation of this...

8.8 CVSS | 0.00482 EPSS
Exploits 0 | References 1
CVE
added 2026/04/29 8:13 a.m. | 15 views

CVE-2026-42513

CVE-2026-42513 affects e-Sushrut HMIS. The vulnerability stems from improper authentication logic that relies on client-side response parameters to determine login status, enabling a remote attacker to intercept and modify server responses to bypass authentication and gain unauthorized access to ...

8.8 CVSS | 5.6 AI score | 0.00482 EPSS
Exploits 0 | References 1
Positive Technologies
added 2026/04/29 12:0 a.m. | 5 views

PT-2026-35881

Name of the Vulnerable Software and Affected Versions: e-Sushrut (affected versions not specified). Description: Improper authentication logic relies on client-side response parameters to determine authentication status. A remote attacker can intercept and modify the server response to bypass...

8.8 CVSS | 5.4 AI score | 0.00482 EPSS
Exploits 0 | References 5
Positive Technologies
added 2026/03/25 12:0 a.m. | 5 views

PT-2026-28120

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to exposure of sensitive information via JSON server response manipulation...

6.5 CVSS | 5.8 AI score | 0.00214 EPSS
Exploits 0 | References 2
GitHub Security Blog
added 2025/11/25 10:55 p.m. | 3 views

OneUptime is Vulnerable to Privilege Escalation via Login Response Manipulation

Summary: During the login process, the server response included a parameter called isMasterAdmin. By intercepting and modifying this parameter value from false to true, a user is able to gain access to the admin dashboard interface. However, despite accessing the admin panel, the user does not hav...

8.2 CVSS | 7 AI score | 0.00259 EPSS
Exploits 1 | References 4 | Affected Software 1
CVE
added 2025/02/14 12:0 a.m. | 60 views

CVE-2024-57778

CVE-2024-57778 affects the Orbe ONetView Onet-1200 router. The issue allows a remote attacker to escalate privileges by exploiting a server response flow that changes from HTTP 500 to HTTP 200. Documents consistently describe the affected device as Orbe ONetView Roeador Onet-1200/Onet-1200 and in...

8.8 CVSS | 7.4 AI score | 0.00516 EPSS
Exploits 0 | References 1
HackerOne
added 2020/01/08 9:59 p.m. | 365 views

X (Formerly Twitter): Bypass Password Authentication for updating email and phone number - Security Vulnerability

Summary: Additional requirement for authentication is an extra layer of security for a person's Twitter account. Instead of only entering the password at the time of log in, Twitter further introduces an additional layer of security by prompting users to enter their password before attempting to...

7.2 AI score
Exploits 0