CVE-2026-32521

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Northern Beaches Websites WP Custom Admin Interface wp-custom-admin-interface allows DOM-Based XSS.This issue affects WP Custom Admin Interface: from n/a through = 7.42...

CVE-2025-11957

Improper authorization in the temporary access workflow of Devolutions Server 2025.2.12.0 and earlier allows an authenticated basic user to self-approve or approve the temporary access requests of other users and gain unauthorized access to vaults and entries via crafted API requests...

EUVD-2025-8657

Malicious code in bioql PyPI...

EUVD-2025-25821

Malicious code in bioql PyPI...

CVE-2025-54048

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in miniOrange Custom API for WP custom-api-for-wp allows SQL Injection.This issue affects Custom API for WP: from n/a through = 4.2.2...

CVE-2025-54049 WordPress Custom API for WP <= 4.2.2 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in miniOrange Custom API for WP custom-api-for-wp allows Privilege Escalation.This issue affects Custom API for WP: from n/a through = 4.2.2...

CVE-2025-28090

maccms10 v2025.1000.4047 is vulnerable to Server-Side Request Forgery SSRF in the Collection Custom Interface feature...

CVE-2025-28090

maccms10 v2025.1000.4047 is vulnerable to Server-Side Request Forgery SSRF in the Collection Custom Interface feature...

CVE-2025-28090

maccms10 v2025.1000.4047 is vulnerable to Server-Side Request Forgery SSRF in the Collection Custom Interface feature...

CVE-2025-28090

CVE-2025-28090 affects maccms10 v2025.1000.4047 with a Server-Side Request Forgery (SSRF) in the Collection Custom Interface feature. Root cause is an SSRF in that feature, enabling the server to make unintended requests. CVSS 3.1 base score 9.1 (CRITICAL) with network attack vector, no user inte...

CVE-2025-28090

maccms10 v2025.1000.4047 is vulnerable to Server-Side Request Forgery SSRF in the Collection Custom Interface feature...

PT-2025-13587 · Maccms10 · Maccms10

Name of the Vulnerable Software and Affected Versions: maccms10 version 2025.1000.4047 Description: The issue is related to Server-Side Request Forgery SSRF in the Collection Custom Interface feature. This allows an attacker to trick the server into making unintended requests. Recommendations: Fo...

CVE-2024-39765

CVE-2024-39765 affects Wavlink AC3000 (M33A8.V5030.210505). Talos-reported vulnerabilities in internet.cgi set_add_routing() allow OS command injection via the custom_interface POST parameter, potentially enabling arbitrary command execution after authentication. The exploit path involves constru...

Extensible Debugger UI For Hackers: Voltron

Voltron is an extensible debugger UI toolkit written in Python. It aims to improve the user experience of various debuggers LLDB, GDB, VDB and WinDbg by enabling the attachment of utility views that can retrieve and display data from the debugger host. By running these views in other TTYs, you ca...