42 matches found
CVE-2026-41037
This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing brute force attacks against administrative...
CVE-2026-41037 Missing Rate Limiting Vulnerability in Quantum Networks Router QN-I-470
This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing brute force attacks against administrative...
CVE-2026-41037
The CVE-2026-41037 affects a Quantum Networks router, where inadequate sanitization of user input in the management CLI interface permits an authenticated remote attacker to inject arbitrary OS commands, enabling remote code execution with root privileges. The CVSSv4 base score is 8.7 (HIGH), wit...
CVE-2026-41037
This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing brute force attacks against administrative...
CVE-2026-41037 Missing Rate Limiting Vulnerability in Quantum Networks Router QN-I-470
This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing brute force attacks against administrative...
PT-2026-33926
This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing brute force attacks against administrative...
Captcha Protect 跨站脚本漏洞
Captcha Protect is an open-source middleware for CAPTCHA protection developed by libops, based on traffic detection. Versions of Captcha Protect prior to 1.12.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from the challenge page accepting target values provided by...
PT-2026-22086
Name of the Vulnerable Software and Affected Versions Drupal CAPTCHA versions 0.0.0 through 1.16.9 Drupal CAPTCHA versions 2.0.0 through 2.0.9 Description A functionality bypass exists in Drupal CAPTCHA due to insufficient invalidation of security tokens. An attacker may bypass the CAPTCHA on...
Building a Transparent Keyserver
Today, we are going to build a keyserver to lookup age public keys. That part is boring. What’s interesting is that we’ll apply the same transparency log technology as the Go Checksum Database to keep the keyserver operator honest and unable to surreptitiously inject malicious keys, while still...
EUVD-2022-35141
Malicious code in bioql PyPI...
EUVD-2024-42579
Malicious code in bioql PyPI...
CVE-2025-54833 OPEXUS FOIAXpress Public Access Link (PAL) account-lockout and CAPTCHA protection bypass
OPEXUS FOIAXpress Public Access Link PAL version v11.1.0 allows attackers to bypass account-lockout and CAPTCHA protections. Unauthenticated remote attackers can more easily brute force passwords...
CVE-2025-54833 OPEXUS FOIAXpress Public Access Link (PAL) account-lockout and CAPTCHA protection bypass
OPEXUS FOIAXpress Public Access Link PAL version v11.1.0 allows attackers to bypass account-lockout and CAPTCHA protections. Unauthenticated remote attackers can more easily brute force passwords...
CVE-2024-47654
This vulnerability exists in Shilpi Client Dashboard due to lack of rate limiting and Captcha protection for OTP requests in certain API endpoint. An unauthenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints, which could lead...
CVE-2024-47654
This vulnerability exists in Shilpi Client Dashboard due to lack of rate limiting and Captcha protection for OTP requests in certain API endpoint. An unauthenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints, which could lead...
CVE-2024-47654
This vulnerability exists in Shilpi Client Dashboard due to lack of rate limiting and Captcha protection for OTP requests in certain API endpoint. An unauthenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints, which could lead...
CVE-2024-47654 No Rate Limiting vulnerability
This vulnerability exists in Shilpi Client Dashboard due to lack of rate limiting and Captcha protection for OTP requests in certain API endpoint. An unauthenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints, which could lead...
CVE-2024-47654
The issue affects Shilpi Client Dashboard (versions prior to 9.7.0). Root cause: lack of rate limiting and CAPTCHA protection for OTP requests in certain API endpoints, enabling unauthenticated attackers to flood OTP requests and cause an OTP bombing on the target system. Affected software and ve...
CVE-2024-47654 No Rate Limiting vulnerability
This vulnerability exists in Shilpi Client Dashboard due to lack of rate limiting and Captcha protection for OTP requests in certain API endpoint. An unauthenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints, which could lead...
PT-2024-32713 · Unknown · Shilpi Client Dashboard
Name of the Vulnerable Software and Affected Versions: Shilpi Client Dashboard versions prior to 9.7.0 Description: This issue exists due to a lack of rate limiting and Captcha protection for OTP requests in certain API endpoints. An unauthenticated remote attacker could exploit this by sending...