32280 matches found
AutoVAPT
█████╗ ██╗ ██╗████████╗ ██████╗ ██╗ ██╗ █████╗ ██████╗...
CVE-2026-11475
A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...
CVE-2026-11475
A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...
CVE-2026-11475 Kushan2k student-management-system Certificate Verification Endpoint GradeController.php getStatus sql injection
A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...
CVE-2026-11475 Kushan2k student-management-system Certificate Verification Endpoint GradeController.php getStatus sql injection
A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...
CVE-2026-11475
A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...
PT-2026-47237
A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...
CVE-2026-41687
Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.8.1, the SSRF protection in endpoints/subscription/add.php line 42 and endpoints/payments/add.php line 40 uses an inline IP validation check FILTERFLAGNOPRIVRANGE | FILTERFLAGNORESRANGE that does not block...
exploit-validator
$repo Production-grade offensive security tool for Purpose...
CVE-2026-9793 Keycloak: keycloak: security policy bypass in jwe-encrypted request object processing
A flaw was found in Keycloak. When a JSON Web Encryption JWE encrypted request object is submitted, Keycloak may incorrectly process unsigned claims if the decrypted content is raw JSON, bypassing the configured signature policy. This allows a remote attacker to submit unauthorized claims, leadin...
EUVD-2026-32707
A flaw was found in Keycloak. When a JSON Web Encryption JWE encrypted request object is submitted, Keycloak may incorrectly process unsigned claims if the decrypted content is raw JSON, bypassing the configured signature policy. This allows a remote attacker to submit unauthorized claims, leadin...
Important: Red Hat Security Advisory: Red Hat Developer Hub 1.8.7 release.
Red Hat Developer Hub 1.8.7 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...
SourceCodester Student Grades Management System 授权问题漏洞
SourceCodester Student Grades Management System is SourceCodester open source a student grades management system . SourceCodester Student Grades Management System version 1.0 has an authorization issue vulnerability , the vulnerability stems from the operation of the parameter studentid in the fi...
CVE-2026-41687
Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.8.1, the SSRF protection in endpoints/subscription/add.php line 42 and endpoints/payments/add.php line 40 uses an inline IP validation check FILTERFLAGNOPRIVRANGE | FILTERFLAGNORESRANGE that does not block...
CVE-2026-41687
Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.8.1, the SSRF protection in endpoints/subscription/add.php line 42 and endpoints/payments/add.php line 40 uses an inline IP validation check FILTERFLAGNOPRIVRANGE | FILTERFLAGNORESRANGE that does not block...
EUVD-2026-28383
Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.8.1, the SSRF protection in endpoints/subscription/add.php line 42 and endpoints/payments/add.php line 40 uses an inline IP validation check FILTERFLAGNOPRIVRANGE | FILTERFLAGNORESRANGE that does not block...
CVE-2026-41687 Wallos: SSRF CGNAT Bypass in subscription/payments Logo URL — is_cgnat_ip() Not Used in Inline Checks
Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.8.1, the SSRF protection in endpoints/subscription/add.php line 42 and endpoints/payments/add.php line 40 uses an inline IP validation check FILTERFLAGNOPRIVRANGE | FILTERFLAGNORESRANGE that does not block...
CVE-2026-41687
Wallos vulnerability CVE-2026-41687 affects prior to version 4.8.1. The SSRF protection in endpoints/subscription/add.php and endpoints/payments/add.php relies on inline IP validation that omits CGNAT 100.64.0.0/10. The project’s ssrf_helper.php defines is_cgnat_ip(), but the logo/icon URL fetchi...
LuxSci Launches Enterprise-Grade HIPAA-Compliant Email Security for Mid-Sized Healthcare Organizations
Cambridge, MA, 5th May 2026, CyberNewswire...
Automotive Grade Linux agl-service-can-low-level 安全漏洞
Automotive Grade Linux agl-service-can-low-level is an in-vehicle communication service component from Automotive Grade Linux. A security vulnerability exists in Automotive Grade Linux agl-service-can-low-level version 17.1.12, which stems from a heap buffer over-read in the isotp-c library, wher...