
27 matches found

OSV
added 2026/04/08 12:5 a.m., 2 views

GHSA-67CG-CPJ7-QGC9 File Browser discloses text file content via /api/resources endpoint bypassing Perm.Download check

Summary: The resourceGetHandler in http/resource.go returns full text file content without checking the Perm.Download permission flag. All three other content-serving endpoints (/api/raw, /api/preview, /api/subtitle) correctly verify this permission before serving content. A user with download: fals...

5.3 CVSS, 5.9 AI score, 0.00043 EPSS
Exploits: 1, References: 3
Github Security Blog
added 2025/12/29 3:26 p.m., 3 views

Picklescan Bypasses Unsafe Globals Check using pty.spawn

Summary: The vulnerability allows malicious actors to bypass PickleScan's unsafe globals check, leading to potential arbitrary code execution. The issue stems from the absence of the pty library (more specifically, of the pty.spawn function) from PickleScan's list of unsafe globals. This vulnerabili...

8.3 AI score
Exploits: 0, References: 5, Affected Software: 1
EUVD
added 2025/12/10 12:8 a.m., 2 views

EUVD-2025-202176

mad-proxy is a Python-based HTTP/HTTPS proxy server for detection and blocking of malicious web activity using custom security policies. Versions 0.3 and below allow attackers to bypass HTTP/HTTPS traffic interception rules, potentially exposing sensitive traffic. This issue does not have a fix a...

5.3 CVSS, 6.2 AI score, 0.00056 EPSS
Exploits: 0, References: 3
EUVD
added 2025/10/30 12:31 a.m., 2 views

EUVD-2025-36882

Cryptographic validation of upgrade images could be circumvented by dropping a specifically crafted file into the upgrade ISO...

5.9 CVSS, 6.3 AI score, 0.00008 EPSS
Exploits: 0, References: 2
Gitee
added 2025/09/06 12:34 a.m., 82 views

Exploit for CVE-2021-1675

It Was All A Dream: a CVE-2021-34527 (a.k.a. PrintNightmare) Python scanner. Allows you to scan entire subnets for the PrintNightmare RCE (not the LPE) and generates a CSV report with the results. Tests exploitability over MS-PAR and MS-RPRN. This tool has "de-fanged" versions of the Python exploits, i...

9.3 CVSS, 8.8 AI score, 0.94314 EPSS
Exploits: 75
Microsoft CVE
added 2025/09/04 10:52 a.m., 3 views

Domain Name Validation Bypass with Apple Native Certificate Validation

...

9.2 CVSS, 7 AI score, 0.00177 EPSS
Exploits: 0
CNNVD
added 2025/05/28 12:0 a.m., 0 views

Apache InLong Code Issue Vulnerability

Apache InLong is a one-stop massive data integration framework from the Apache Foundation (U.S.). It provides automated, secure and reliable data transfer capabilities. Apache InLong versions 1.13.0 to 2.1.0 have a deserialization vulnerability; the vulnerability stems from the application in the...

6.5 CVSS, 7 AI score, 0.00395 EPSS
Exploits: 0, References: 4
Microsoft CVE
added 2024/06/30 2:0 p.m., 6 views

Bypassing mountable secrets policy imposed by the ServiceAccount admission plugin

...

2.7 CVSS, 7.3 AI score, 0.08423 EPSS
Exploits: 1
OSV
added 2022/09/02 6:15 p.m., 0 views

UBUNTU-CVE-2020-22669

Modsecurity owasp-modsecurity-crs 3.2.0 Paranoia level at PL1 has a SQL injection bypass vulnerability. Attackers can use the comment characters and variable assignments in the SQL syntax to bypass Modsecurity WAF protection and implement SQL injection attacks on Web applications...

9.8 CVSS, 7.2 AI score, 0.00261 EPSS
Exploits: 1, References: 6
RedHat Linux
added 2022/01/12 12:4 p.m., 1 views

Mozilla: Iframe sandbox bypass with XSLT

The Mozilla Foundation Security Advisory describes this flaw as: It was possible to construct specific XSLT markups that would enable someone to bypass an iframe sandbox...

10 CVSS, 7.3 AI score, 0.00065 EPSS
Exploits: 1, References: 6
ThreatPost
added 2021/10/29 3:30 p.m., 54 views

Google Chrome is Abused to Deliver Malware as Legit Windows 10 App

Crooks behind a newly identified malware campaign are targeting Windows 10 with malware that can infect systems via a technique that cleverly bypasses Windows cybersecurity protections called User Account Control (UAC). Researchers from Rapid7 recently identified the campaign and warn the goal of t...

8.1 AI score
Exploits: 0, References: 3
Packet Storm
added 2021/10/06 12:0 a.m., 344 views

Online-Food-Ordering-Web-App SQL Injection

CVE-2021-41647: SQL Injection in Online-Food-Ordering-Web-App. The Online-Food-Ordering-Web-App is vulnerable to un-authenticated error and time-based blind SQL Injection attacks. The username parameter on the /login.php page does not sanitize the user input; an attacker is able to bypass the login...

0.1 AI score, 0.00733 EPSS
Exploits: 4
0day.today
added 2021/10/04 12:0 a.m., 371 views

Online-Food-Ordering-Web-App SQL Injection Vulnerability

CVE-2021-41647: SQL Injection in Online-Food-Ordering-Web-App. The Online-Food-Ordering-Web-App is vulnerable to un-authenticated error and time-based blind SQL Injection attacks. The username parameter on the /login.php page does not sanitize the user input; an attacker is able to bypass the login...

9.1 CVSS, 0.2 AI score, 0.00733 EPSS
Exploits: 4
0day.today
added 2020/04/30 12:0 a.m., 31 views

School ERP Pro 1.0 - Remote Code Execution Vulnerability

Exploit for php platform in category web applications
Exploit Title: School ERP Pro 1.0 - Remote Code Execution
Author: Besim ALTINOK
Vendor Homepage: http://arox.in
Software Link: https://sourceforge.net/projects/school-erp-ultimate/
Version: latest version
Tested on: Xampp
Credit: İsmail BOZKUR...

0.2 AI score
Exploits: 0
Hacker One
added 2020/04/06 11:24 p.m., 14 views

Shopify: Open Redirect in www.shopify.dev Environment

Summary: Reported vulnerability allows attacker for open/unknown redirect for victim user. Steps to reproduce: 1. Go to https://shopify.dev/concepts/shopify-introduction 2. Click on search 3. Type POC in search box and hit enter 4. Right click on first result displayed as POS and click on copy link...

6.8 AI score
Exploits: 0
Tenable Nessus
added 2019/11/08 12:0 a.m., 44 views

Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64 (20191106)

This update upgrades Thunderbird to version 68.2.0. Security Fixes:
- Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764)
- Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757)
- Mozilla: Potentially exploitable crash due to 360 Total...

8.8 CVSS, 7.4 AI score, 0.0213 EPSS
Exploits: 3, References: 10
Hacker One
added 2019/06/26 7:5 a.m., 40 views

Starbucks: Reflected cross-site scripting on multiple Starbucks assets.

NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Please indicate NA, if not applicable. Remember, the more detail you provide, the easier it is for us to verify and then potentially issue a bounty, so be sure to take your time filling...

Exploits: 0
Carbon Black Blog
added 2018/08/27 4:42 p.m., 93 views

Threat Analysis: Recent Attack Technique Leveraging cmd.exe and PowerShell Demonstrates How Attackers Are Using Trusted Microsoft Applications for Malicious Behavior

An attack leveraging cmd.exe and PowerShell was recently investigated by Cb ThreatSight analysts. Our initial investigation discovered that a batch file was executed on the targeted system. This batch file then invoked PowerShell with a base64 encoded command. Decoding the command revealed a seri...

Exploits: 0
exploitpack
added 2018/01/15 12:0 a.m., 19 views

Domains Hostings Manager PRO 3.0 - Authentication Bypass

Domains Hostings Manager PRO 3.0 - Authentication Bypass Exploit Title: Domains & Hostings Manager PRO v 3.0 - Authentication Bypass Date: 13.01.2018 Vendor Homepage: http://endavi.com/ Software Buy: https://codecanyon.net/item/advanced-domains-and-hostings-pro-v3-multiuser/10368735 Demo:...

0.4 AI score
Exploits: 0
ThreatPost
added 2017/10/30 5:11 p.m., 19 views

Google’s reCaptcha Cracked Again

Google’s reCaptcha service has been cracked by a group of University of Maryland researchers who devised an automated attack that can break the service with 85 percent accuracy. The researchers created a tool called unCaptcha that is able to abuse the audio challenge option of Google’s reCaptcha ...

0.6 AI score
Exploits: 0, References: 4