4 matches found
Audiobookshelf Unauthenticated API Authentication Bypass Scanner
This module detects Audiobookshelf servers affected by CVE-2025-25205, an unauthenticated authentication bypass. Affected versions 2.17.0 through 2.19.0 decide whether a GET request may skip authentication by testing an unanchored regular expression against the request's full original URL,...
BIT-OAUTH2-PROXY-2025-54576 OAuth2-Proxy has authentication bypass in oauth2-proxy skip_auth_routes due to Query Parameter inclusion
OAuth2-Proxy is an open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into existing reverse proxy or load balancer setups. In versions 7.10.0 and below, oauth2-proxy deployments are vulnerable when using the skipauthroutes configuration option...
CVE-2025-54576 OAuth2-Proxy has authentication bypass in oauth2-proxy skip_auth_routes due to Query Parameter inclusion
OAuth2-Proxy is an open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into existing reverse proxy or load balancer setups. In versions 7.10.0 and below, oauth2-proxy deployments are vulnerable when using the skipauthroutes configuration option...
📄 Vite Local File Inclusion
Vite suffers from a local file inclusion vulnerability. This issue affected versions prior to 6.2.3, 6.1.2, 6.0.12, 5.4.15, and 4.5.10. Titles: CVE-2025-30208 - Vite @fs LFI Local File Inclusion Vulnerability Author: nu11secur1ty Date: 01/09/2025 Vendor: https://vite.dev/ Software:...