178 matches found
9router's Hardcoded Default fallback JWT Secret Allows Authentication Bypass
Summary 9router uses a publicly known hardcoded string "9router-default-secret-change-me" as the fallback of JWT secret for all Dashboard session JWTs when the JWTSECRET environment variable is not set. Because this secret is committed in the public repository and unchanged across all releases, a...
GHSA-RXW2-PC8J-VXWM fast-mcp-telegram: Bearer token path traversal bypasses reserved Telegram session protection
Summary fast-mcp-telegram validates HTTP Bearer tokens by joining the raw token string into a session-file path. The verifier rejects the exact reserved token telegram, but it does not reject path separators or normalize the path before checking whether the session file exists. A remote HTTP clie...
fast-mcp-telegram: Bearer token path traversal bypasses reserved Telegram session protection
Summary fast-mcp-telegram validates HTTP Bearer tokens by joining the raw token string into a session-file path. The verifier rejects the exact reserved token telegram, but it does not reject path separators or normalize the path before checking whether the session file exists. A remote HTTP clie...
CVE-2019-25741
Mobatek MobaXterm 12.1 contains a structured exception handling SEH based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the...
CVE-2019-25741
Mobatek MobaXterm 12.1 contains a structured exception handling SEH based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the...
CVE-2019-25741 Mobatek MobaXterm 12.1 Buffer Overflow via Sessions File
Mobatek MobaXterm 12.1 contains a structured exception handling SEH based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the...
EUVD-2026-32958
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the fix for CVE-2026-33509 prevents setting storagefolder inside PKGDIR or userdir, but does NOT protect the Flask session directory /tmp/pyLoad/flask. An authenticated attacker can set storagefolder to...
UFO³ 操作系统命令注入漏洞
UFO³ is an open-source cross-device collaboration multi-agent task orchestration tool developed by Microsoft. Versions of UFO³ prior to v3.0.0 contained a vulnerability related to operating system command injection. This vulnerability stemmed from the use of ShellReceiver.runshell, which directly...
Exploit for Improper Neutralization of Null Byte or NUL Character in Wftpserver Wing_Ftp_Server
CVE-2025-47812 — Wing FTP Server Unauth RCE rewrite Python...
Exploit for Improper Input Validation in Adobe Commerce
CVE-2025-54236 - SessionReaper Lab Ambiente Docker para demon...
Exploit for Missing Authentication for Critical Function in Cpanel
CPANEL CVE EXPLOIT English | فارسی PersianREADME...
CVE-2026-22677 Hermes WebUI < 0.51.44 Path Traversal via Session Import Endpoint
Hermes WebUI prior to 0.51.44 contains a path traversal vulnerability in the session import endpoint that allows authenticated attackers to read arbitrary files by importing a crafted session with an unrestricted workspace value. Attackers can supply a blocked filesystem root in the workspace fie...
CVE-2026-7818 pgAdmin 4: Unsafe deserialization (CWE-502) in file-backed session manager leads to remote code execution
Deserialization of untrusted data CWE-502 in pgAdmin 4 FileBackedSessionManager. The session manager performed unsafe deserialization of session-file contents using Python's standard object-serialization module before performing any HMAC integrity check. Any file dropped into the sessions directo...
Exploit for Missing Authentication for Critical Function in Cpanel
cPanelSniper CVE-2026-41940 — c...
cPanelSniper-
cPanelSniper CVE-2026-41940 — c...
Exploit for Missing Authentication for Critical Function in Cpanel
CVE-2026-41940: cPanel/WHM Authentication Bypass Analysis...
CVE-2026-31718
The CVE-2026-31718 entries describe a use-after-free in ksmbd (Linux kernel in-kernel SMB3 server) triggered when a durable file handle survives a session disconnect. The root cause is an asymmetric cleanup of lock state: byte-range locks left on a freed conn->lock_list after fp->conn is nu...
Exploit for Missing Authentication for Critical Function in Cpanel
cPanelSniper CVE-2026-41940 — c...
Exploit for Missing Authentication for Critical Function in Cpanel
CVE-2026-41940 Detection & Verification !License: MIThttp...
CVE-2026-41940: cPanel & WHM Authentication Bypass
Overview On April 28, 2026, cPanel issued a security update to fix a critical vulnerability affecting the cPanel & WHM and WP Squared products. In the cPanel release notes, the bug was described as "an issue with session loading and saving." CVE-2026-41940, the identifier subsequently assigned on...