Lucene search
K

9 matches found

NVD
NVD
added 2026/06/29 3:16 p.m.8 views

CVE-2026-56124

phpUploader before 2.0.2 contains an unauthenticated information disclosure vulnerability that allows remote attackers to access the full contents of the uploaded-files database table by visiting any page of the application. The index model executes an unbounded SELECT query and embeds the comple...

8.7CVSS0.00365EPSS
Exploits0References4
CVE
CVE
added 2026/06/29 1:47 p.m.25 views

CVE-2026-56124

CVE-2026-56124 affects phpUploader prior to 2.0.2. An unauthenticated information-disclosure flaw exists where the index model runs an unbounded SELECT and embeds the full JSON-encoded result set in an inline script, exposing uploader IP addresses, Argon2ID key hashes, internal filenames, and SHA...

8.7CVSS5.8AI score0.00365EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.13 views

PT-2026-53284

Name of the Vulnerable Software and Affected Versions phpUploader versions prior to 2.0.2 Description An unauthenticated information disclosure exists where remote attackers can access the full contents of the uploaded-files database table by visiting any page of the application. The index model...

8.7CVSS5.8AI score0.00365EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.19 views

PT-2026-48872

VeraCrypt 1.26.29 is now available!🎉 - Argon2id KDF for non-system volumes - Security fixes: CVE-2026-54073 & CVE-2026-53762 - Microsoft UEFI CA 2023 support for system encryption - Driver, EFI, Linux/macOS fixes 🔗More details at https://t.co/xdLi5dqTrX...

5.3AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.17 views

PT-2026-48875

⚠️ If you use hidden volumes in VeraCrypt: Versions 1.26.6 – 1.26.28 had a regression that could weaken plausible deniability of hidden volumes inside file containers CVE-2026-54073. Fixed in 1.26.29. If this applies to you, recreate the container + hidden volume with the new version and securely...

5.3AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.19 views

PT-2026-46850

Summary There is a Proof of Concept which is able to enumerate the usernames of administrator users. This was possible by performing a timing attack. Details The faulty code exists in src/Core/Framework/Api/OAuth/UserRepository.php: public function getUserEntityByUserCredentials string $username,...

3.7CVSS5.8AI score
Exploits0References5
OSV
OSV
added 2024/03/28 5:53 p.m.25 views

GHSA-R75M-26CQ-MJXC Serverpod improved security for stored password hashes

Description Improved security for stored password hashes Serverpod now uses the OWASP, source, recommended Argon2Id password hash algorithm to store password hashes for the email authentication module. Starting from Serverpod 1.2.6 all users that either creates an account or authenticates with th...

5.3CVSS5.6AI score0.00262EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2024/03/28 5:53 p.m.38 views

Serverpod improved security for stored password hashes

Description Improved security for stored password hashes Serverpod now uses the OWASP, source, recommended Argon2Id password hash algorithm to store password hashes for the email authentication module. Starting from Serverpod 1.2.6 all users that either creates an account or authenticates with th...

5.3CVSS7.2AI score0.00262EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2024/03/28 12:0 a.m.4 views

Serverpod improved security for stored password hashes

Serverpod now uses the OWASP recommended Argon2Id password hash algorithm to store password hashes for the email authentication module...

5.3CVSS5.9AI score0.00262EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder