CVE-2026-33153 Tandoor Recipes's Unauthenticated Debug Parameter Leaks Full Raw SQL Queries Including Schema, Table Names, and Access Control Logic
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, the Recipe API endpoint exposes a hidden ?debug=true query parameter that returns the complete raw SQL query being executed, including all table names, column names, JO...
CVE-2024-54880
CVE-2024-54880 affects SeaCMS V13.1. The vulnerability is an Incorrect Access Control that enables a logic flaw, allowing any user to register accounts in bulk. Documented impact is high (CVSS 3.1: 9.1, CRITICAL) with network attack vector and no user interaction required. Connected sources consi...
Ubiquiti UniFi Network Security Breach
Ubiquiti UniFi Network is a wireless network management software solution from Ubiquiti, Inc. It is used to set up and manage UniFi Network devices. A security vulnerability exists in Ubiquiti UniFi Network version 7.5.176 and prior versions that stems from incorrect access control logic...
Cisco IOS XR Software NETCONF Over Secure Shell ACL Bypass (cisco-sa-20191120-iosxr-ssh-bypass)
According to its self-reported version, Cisco IOS XR Software is affected by a vulnerability in the access-control logic of NETCONF over Secure Shell (SSH) due to a missing check in the NETCONF over SSH access control list (ACL). An unauthenticated, remote attacker can exploit this, by...
Cisco IOS XE Software Secure Shell Connection on VRF (cisco-sa-20190109-ios-ssh-vrf)
According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability in the access control logic of the Secure Shell (SSH) server due to a missing check in the SSH server. An authenticated, remote attacker can exploit this, by providing valid credentials to access a device i...