2 matches found
CVE-2026-48692
FastNetMon Community Edition through 1.2.9 exposes a gRPC API server on port 50052 with no authentication mechanism. The server is initialized with grpc::InsecureServerCredentials src/fastnetmon.cpp line 477 and a source code comment explicitly acknowledges 'Listen on the given address without an...
MediaWiki Unauthorized Operation Vulnerability
MediaWiki is a famous wiki program that runs on PHP+MySQL environment. MediaWiki suffers from an unauthorized operation vulnerability. A remote attacker can exploit this vulnerability by constructing a revisiondelete operation that can be used to delete, revise, ban, etc...