12 matches found
PT-2026-42360
A missing authentication vulnerability exists in the Altium 365 SearchService. A legacy SOAP endpoint exposes search index operations without requiring authentication, session tokens, or any form of identity verification. An unauthenticated network attacker who can reference a target workspace's...
Exploit for SQL Injection in ChurchCRM
CVE-2025-68400: ChurchCRM vulnerable to time-based blind SQL I...
ChurchCRM legacy endpoint SQL injection vulnerability
ChurchCRM is an open source church management system. ChurchCRM suffers from a SQL injection vulnerability that originates from the unvalidated familyId parameter in the legacy endpoint /Reports/ConfirmReportEmail.php, and no details of the vulnerability are provided at this time...
CVE-2025-68400
ChurchCRM is an open-source church management system. A SQL Injection vulnerability exists in the legacy endpoint /Reports/ConfirmReportEmail.php in ChurchCRM prior to version 6.5.3. Although the feature was removed from the UI, the file remains deployed and reachable directly via URL. This is a...
EUVD-2025-204001
ChurchCRM is an open-source church management system. A SQL Injection vulnerability exists in the legacy endpoint /Reports/ConfirmReportEmail.php in ChurchCRM prior to version 6.5.3. Although the feature was removed from the UI, the file remains deployed and reachable directly via URL. This is a...
PT-2025-51932
Name of the Vulnerable Software and Affected Versions: ChurchCRM versions prior to 6.5.3. Description: ChurchCRM is an open-source church management system with a SQL Injection issue present in a legacy endpoint. The vulnerability exists in the /Reports/ConfirmReportEmail.php endpoint and is...
EUVD-2021-23971
Malware in sbrugna...
CVE-2021-37402
OX App Suite before 7.10.3-rev32 and 7.10.4 before 7.10.4-rev18 allows XSS via binary data that is mishandled when the legacy dataretrieval endpoint has been enabled...
Siemens SINEMA Remote Connect Server Security Vulnerability
SINEMA Remote Connect is a remote network management platform that makes it easy to manage tunneled connections (VPNs) between headquarters, service technicians, and installed machines or plants. A security vulnerability in Siemens SINEMA Remote Connect Server stems from the fact that the affected...
Server-Side Request Forgery (SSRF)
github.com/goharbor/harbor is vulnerable to server-side request forgery (SSRF). The vulnerability exists due to a legacy endpoint to test webhook, allowing an attacker with permissions to edit projects to perform a port scan of hosts within the internal network...
Forrester Study: VMware Carbon Black Cloud Provides 379% ROI
A newly published Forrester Consulting Total Economic Impact (TEI) study shows that organizations who replace their legacy endpoint security products with the VMware Carbon Black Cloud experience a 379% return on investment within three years. The commissioned study conducted on behalf of VMware al...
Cuvva: Missing rate-limits at endpoints
This is similar to 230674, but it turns out we missed out a key endpoint while fixing that one - the legacy POST /1/verificationtokensend used by older apps on our system. This has now been resolved : Thanks to @introvertmac for flagging this!...