CVE-2026-4959 OpenBMB XAgent ShareServer WebSocket Endpoint share.py check_user missing authentication

A vulnerability was found in OpenBMB XAgent 1.0.0. This impacts the function checkuser of the file XAgentServer/application/websockets/share.py of the component ShareServer WebSocket Endpoint. Performing a manipulation of the argument interactionid results in missing authentication. Remote...

CVE-2026-4959 OpenBMB XAgent ShareServer WebSocket Endpoint share.py check_user missing authentication

A vulnerability was found in OpenBMB XAgent 1.0.0. This impacts the function checkuser of the file XAgentServer/application/websockets/share.py of the component ShareServer WebSocket Endpoint. Performing a manipulation of the argument interactionid results in missing authentication. Remote...

CVE-2026-2158

A vulnerability was detected in code-projects Student Web Portal 1.0. This impacts an unknown function of the file /checkuser.php. Performing a manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely...

CVE-2026-2158

CVE-2026-2158 affects code-projects Student Web Portal 1.0. The vulnerability is in an unknown function within the file /check_user.php where manipulation of the Username argument enables remote SQL injection. This has been consistently described across multiple sources (NVD, Red Hat, CNNVD, etc....

ecshop绕过原密码校验直接修改用户密码（安全隐患）

简要描述： 最新版本也存在此问题 详细说明： 该漏洞有个前提，需要会员系统整合ucenter 问题出在 user.php $action == 'acteditpassword' $oldpassword = isset$POST'oldpassword' ? trim$POST'oldpassword' : ''; $newpassword = isset$POST'newpassword' ? trim$POST'newpassword' : ''; $userid = isset$POST'uid' ? intval$POST'uid' : $userid; $code =...

LightBlog 9.8 (GET,POST,COOKIE) Multiple LFI Vulnerabilities

No description provided by source. LightBlog 9.8 GET,POST,COOKIE Multiple Local File Inclusion Vulnerabilies url: http://www.publicwarehouse.co.uk/phpscripts/lightblog.php Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was...

LightBlog 9.8 (GET,POST,COOKIE) Multiple LFI Vulnerabilities

Exploit for unknown platform in category web applications ============================================================ LightBlog 9.8 GET,POST,COOKIE Multiple LFI Vulnerabilities ============================================================ LightBlog 9.8 GET,POST,COOKIE Multiple Local File Inclusio...

lightblog98-lfi.txt

LightBlog 9.8 GET,POST,COOKIE Multiple Local File Inclusion Vulnerabilies url: http://www.publicwarehouse.co.uk/phpscripts/lightblog.php Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use it...