283275 matches found
Exploit for Missing Authentication for Critical Function in Mcpjam Inspector
CVE-2026-23744-MCPJam-Exploit A proof-of-concept exploit for C...
CVE-2026-56197
Improper neutralization of special elements used in a command 'command injection' in Windows Admin Center allows an authorized attacker to execute code over a network...
CVE-2026-55145
Improper neutralization of special elements used in a command 'command injection' in Outlook Copilot allows an authorized attacker to perform tampering over a network...
CVE-2026-50488
Improper neutralization of special elements used in a command 'command injection' in Windows Clipboard User Service allows an authorized attacker to elevate privileges locally...
CVE-2026-45077
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, the server:log listener Symfony\Bridge\Monolog\Command\ServerLogCommand binds to 0.0.0.0:9911 by default and processes each received frame with...
CVE-2026-47295
Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges over a network...
CVE-2026-45067
Description Symfony\Component\Mime\Address is the value-object every Symfony Mailer address to/cc/bcc/from/reply-to flows through; its constructor is documented as validating the address and throwing on invalid input, so developers treat it as a security boundary. The constructor accepts email...
GHSA-QW5R-PPCG-F8RJ MKP: Unbounded Pod Log Read via Attacker-Controlled `limitBytes`/`tailLines` Causes Memory Exhaustion
Unbounded Pod Log Read via Attacker-Controlled limitBytes/tailLines Causes Memory Exhaustion Summary The MKP Model Context Protocol for Kubernetes server exposes a getresource MCP tool that proxies Kubernetes pod log requests. User-supplied limitBytes and tailLines parameters are parsed as...
CVE-2026-45077
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, the server:log listener Symfony\Bridge\Monolog\Command\ServerLogCommand binds to 0.0.0.0:9911 by default and processes each received frame with...
CVE-2026-45077 Symfony: Unauthenticated PHP Object Deserialization in MonologBridge server:log Listener
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, the server:log listener Symfony\Bridge\Monolog\Command\ServerLogCommand binds to 0.0.0.0:9911 by default and processes each received frame with...
EUVD-2026-44330
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, the server:log listener Symfony\Bridge\Monolog\Command\ServerLogCommand binds to 0.0.0.0:9911 by default and processes each received frame with...
CVE-2026-62656 Post-authenticated command injection vulnerability found in certain NETGEAR RAX models
A security flaw was found in certain NETGEAR RAX models that could allow a logged-in user to send specially crafted requests to the router and run unauthorized commands. This could enable the user to make unauthorized changes to the router and affect its security and operation...
CVE-2026-62658 Post-authentication Command Injection Vulnerability in certain Nighthawk RAX series models
A security flaw was discovered in certain NETGEAR Nighthawk RAX series routers that could allow someone already logged in to the device to run unauthorized commands or code on the router...
CVE-2026-45067
Description Symfony\Component\Mime\Address is the value-object every Symfony Mailer address to/cc/bcc/from/reply-to flows through; its constructor is documented as validating the address and throwing on invalid input, so developers treat it as a security boundary. The constructor accepts email...
CVE-2026-45067 Symfony: Email Header / SMTP Command Injection via CRLF in Symfony\Component\Mime\Address
Description Symfony\Component\Mime\Address is the value-object every Symfony Mailer address to/cc/bcc/from/reply-to flows through; its constructor is documented as validating the address and throwing on invalid input, so developers treat it as a security boundary. The constructor accepts email...
EUVD-2026-44322
Description Symfony\Component\Mime\Address is the value-object every Symfony Mailer address to/cc/bcc/from/reply-to flows through; its constructor is documented as validating the address and throwing on invalid input, so developers treat it as a security boundary. The constructor accepts email...
FacturaScripts: Stored XSS in WidgetVariante and WidgetSubcuenta modal lists via HTML-attribute decoding of `Tools::noHtml`-escaped quotes inside `onclick=`
Summary WidgetVariante::renderVariantList Core/Lib/Widget/WidgetVariante.php:298-330 and WidgetSubcuenta::renderSubaccountList Core/Lib/Widget/WidgetSubcuenta.php:290-321 build the row for each modal hit by concatenating the user-controlled referencia / codsubcuenta field directly into a...
GHSA-3X7P-V8HJ-XH5M FacturaScripts: Stored XSS in WidgetVariante and WidgetSubcuenta modal lists via HTML-attribute decoding of `Tools::noHtml`-escaped quotes inside `onclick=`
Summary WidgetVariante::renderVariantList Core/Lib/Widget/WidgetVariante.php:298-330 and WidgetSubcuenta::renderSubaccountList Core/Lib/Widget/WidgetSubcuenta.php:290-321 build the row for each modal hit by concatenating the user-controlled referencia / codsubcuenta field directly into a...
metasploitable-vulnerability-mapping-with-nmap
Metasploitable Vulnerability Assessment Network Enumeration...
FacturaScripts: CSV formula injection in CSVExport allows authenticated low-priv users to plant payloads that execute when an admin opens the export
Summary Live PoC verified 2026-04-30 against a stock FacturaScripts master at 127.0.0.1:8081. A low-privilege user lowpriv created a customer with nombre = "=SUM1+1cmd|/c calc!A1". An admin then exported ListCliente to CSV via ?action=export&option=CSV. The downloaded file contains the raw payloa...