PT-2026-42694

Name of the Vulnerable Software and Affected Versions SQLAdmin versions prior to 0.25.1 Description The ajax lookup endpoint in application.py bypasses the is accessible access control check enforced by other endpoints. If a developer restricts model access by overriding is accessible, an...

The HTTP request was forbidden with client authentication scheme

Veeam Data Cloud for Microsoft 365 Configuration Check Notice On 2026-05-22, an update to the Veeam Data Cloud for Microsoft 365 services introduced a configuration check to proactively detect configuration issues that may cause the issue described in this article's Challenge section. The Cause a...

CVE-2017-1500

A Reflected Cross Site Scripting XSS vulnerability exists in the authorization function exposed by RESTful Web Api of IBM Worklight Framework 6.1, 6.2, 6.3, 7.0, 7.1, and 8.0. The vulnerable parameter is "scope"; if you set as its value a "realm" not defined in authenticationConfig.xml, you get a...

DzSoft PHP Editor 4.2.7 File Enumeration

Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/DZSOFT-v4.2.7-PHP-EDITOR-FILE-ENUMERATION.txt + ISR: ApparitionSec Vendor: ============== www.dzsoft.com Product: ========================= DzSoft PHP Editor v4.2.7 DzSoft PHP...