CVE-2026-32312

GLPI is a free asset and IT management software package. In versions 11.0.0 through 11.0.6, an authenticated user with forms READ permission can export the structure of unauthorized forms. This issue has been fixed in version 11.0.7...

PT-2026-1968

Name of the Vulnerable Software and Affected Versions Campaign Monitor for WordPress versions through 2.9.0 Description A missing authorization issue exists in Campaign Monitor for WordPress forms-for-campaign-monitor, allowing exploitation of incorrectly configured access control security levels...

CVE-2025-67015

CVE-2025-67015 affects the Comtech EF Data CDM-625 / CDM-625A Advanced Satellite Modem with firmware v2.5.1. Root cause is improper access control that lets an unauthenticated attacker modify the Administrator password and escalate privileges by sending a crafted POST to /Forms/admin_access_1. Im...

EUVD-2019-5493

Malware in sbrugna...

Fortra FileCatalyst 5.1.6 < 5.2.0 build 130 Unrestricted File Upload (fi-2025-010)

The version of Fortra FileCatalyst Workflow running on the remote host is 5.1.6 prior to 5.2.0 build 130. It is, therefore, is affected by a unrestricted file upload vulnerability as referenced in fi-2025-010 advisory. - Improper Access Control issue in the Workflow component of Fortra's...