Pharmacy Point Of Sale System Security Vulnerability
The Pharmacy Point Of Sale System is a web-based application developed by Carlo Montero. It is used to help a pharmacy manage its sales transactions. Version 1.0 of the Pharmacy Point Of Sale System has a security vulnerability, which stems from an SQL injection vulnerability in the...
CVE-2026-27457
Weblate is a web-based localization tool. Prior to version 5.16.1, the REST API's AddonViewSet (weblate/api/views.py, line 2831) uses queryset = Addon.objects.all() without overriding get_queryset() to scope results by user permissions. This allows any authenticated user or anonymous users if REQUIRELOG...
CVE-2026-22890
Charging station authentication identifiers are publicly accessible via web-based mapping platforms...
CVE-2026-22878
Charging station authentication identifiers are publicly accessible via web-based mapping platforms...
EUVD-2026-8948
Charging station authentication identifiers are publicly accessible via web-based mapping platforms...
CVE-2026-25774
Charging station authentication identifiers are publicly accessible via web-based mapping platforms...
EUVD-2026-8928
Charging station authentication identifiers are publicly accessible via web-based mapping platforms...
CVE-2026-22878 Mobility46 mobility46.se Insufficiently Protected Credentials
Charging station authentication identifiers are publicly accessible via web-based mapping platforms...
CVE-2026-20733
Charging station authentication identifiers are publicly accessible via web-based mapping platforms...
CVE-2026-27773
Charging station authentication identifiers are publicly accessible via web-based mapping platforms...
PT-2026-22245
Charging station authentication identifiers are publicly accessible via web-based mapping platforms...
CVE-2026-22890
Technical details are not publicly available in the provided documents. Monitor for updates from the listed sources to determine affected products, root cause, impact, and remediation.
CVE-2026-20791
Charging station authentication identifiers are publicly accessible via web-based mapping platforms...
CVE-2026-20091
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of...
Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown
Cybersecurity researchers have disclosed details of a new botnet loader called Aeternum C2 that uses a blockchain-based command-and-control (C2) infrastructure to make it resilient to takedown efforts. "Instead of relying on traditional servers or domains for command-and-control, Aeternum stores it...
CVE-2026-27611
FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to versions 1.1.3-stable and 1.2.6-beta, when users share password-protected files, the recipient can completely bypass the password and still download the file. This happens because the API returns a direct download link i...
ROS-20260224-73-0011
A vulnerability in the iTop web-based IT service management tool is related to the failure to take measures to neutralize special elements. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ICSSPulse: A Modular LLM-Assisted Platform for Industrial Control System Penetration Testing
It is well established that industrial control systems comprise the operational backbone of modern critical infrastructures, yet their increasing connectivity exposes them to cyber threats that are difficult to study and remedy safely under real-time operational conditions. In this paper, we...