CVE-2026-21629

CVE-2026-21629 concerns Joomla! Core: the admin-area ajax component (com_ajax) was excluded from the default logged-in-user access check, creating an access-control vulnerability. Multiple sources describe this as ACL-related hardening in com_ajax, with the issue tracked across CVE listings and O...

PT-2026-29501

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description The ajax component was excluded from the default logged-in-user check in the administrative area, which may have been unexpected by third-party developers...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

EUVD-2025-198720

Malicious code in korea-administrative-area-geo-json-util npm...

Malicious code in korea-administrative-area-geo-json-util (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3e5fc5ac9320c5c6de500011362abf25bbbebf4427f272bef9a58fa0d5c0f03 The package korea-administrative-area-geo-json-util was found to contain malicious code. Source: ghsa-malware...

CVE-2024-1632

Low-privileged users with access to the Sitefinity backend may obtain sensitive information from the site's administrative area...

CVE-2024-1632

CVE-2024-1632 is a vulnerability in Progress Sitefinity CMS where low-privileged users with backend access can obtain sensitive information from the administrative area. The connected sources confirm the issue affects the Sitefinity backend and constitutes an information disclosure (confidentiali...

Progress Sitefinity Security Breach

Progress Sitefinity is an open source platform for building corporate websites and intranets. A security vulnerability exists in Progress Sitefinity, which can be exploited to obtain sensitive information through the site administrative area by a user with access to the Sitefinity backend...

PT-2024-18180 · Progress · Sitefinity

Name of the Vulnerable Software and Affected Versions: Sitefinity affected versions not specified Description: Low-privileged users with access to the Sitefinity backend may obtain sensitive information from the site's administrative area. Recommendations: At the moment, there is no information...

FlexWATCH 3.0 - 'AIndex.asp' Authentication Bypass

source: https://www.securityfocus.com/bid/18948/info FlexWatch is prone to an authorization-bypass vulnerability. This issue is due to a failure in the application to properly verify user-supplied input. An attacker can exploit this issue to bypass the authorization mechanism. This allows the...

FlexWATCH 3.0 - AIndex.asp Authentication Bypass

FlexWATCH 3.0 - AIndex.asp Authentication Bypass source: https://www.securityfocus.com/bid/18948/info FlexWatch is prone to an authorization-bypass vulnerability. This issue is due to a failure in the application to properly verify user-supplied input. An attacker can exploit this issue to bypass...