PT-2026-37283

Name of the Vulnerable Software and Affected Versions Network-AI versions prior to 5.1.3 Description The MCP HTTP transport accepts JSON-RPC tools/call requests without requiring authentication, sessions, origins, or token checks, dispatching them directly to the orchestrator's tool registry...

EUVD-2019-19768

Inout RealEstate contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the city parameter. Attackers can send POST requests to the agents/agentlistdetails endpoint with malicious SQL payloads in the city paramete...

CVE-2022-24038

Karmasis Informatics Infraskope SIEM+ has an unauthenticated access vulnerability which could allow an unauthenticated attacker to damage the page where the agents are listed...

PT-2022-16429

Name of the Vulnerable Software and Affected Versions Karmasis Informatics Infraskope SIEM+ affected versions not specified Description The issue allows an unauthenticated attacker to damage the page where the agents are listed due to an unauthenticated access vulnerability. Recommendations At th...