CVE-2026-10264 lharries whatsapp-mcp Send API Endpoint main.go SendMessageRequest path traversal

A vulnerability was determined in lharries whatsapp-mcp 0.0.1. Affected by this vulnerability is the function SendMessageRequest of the file whatsapp-bridge/main.go of the component Send API Endpoint. This manipulation of the argument mediaPath causes path traversal. The exploit has been publicly...

Cross-Site Request Forgery (CSRF)

github.com/destinygg/chat is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability exists due to lack of validation of in the web socket function in main.go which allows an attacker to bypass CSRF protection...

destiny.gg chat vulnerable to cross-site request forgery

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in destiny.gg chat. It has been rated as problematic. This issue affects the function websocket.Upgrader of the file main.go. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The name of the patch is...

GHSA-CJCC-46J8-XMR8 destiny.gg chat vulnerable to cross-site request forgery

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in destiny.gg chat. It has been rated as problematic. This issue affects the function websocket.Upgrader of the file main.go. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The name of the patch is...

CVE-2020-36625

A vulnerability was found in destiny.gg chat. It has been rated as problematic. This issue affects the function websocket.Upgrader of the file main.go. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The name of the patch is...

CVE-2020-36625

A vulnerability was found in destiny.gg chat. It has been rated as problematic. This issue affects the function websocket.Upgrader of the file main.go. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The name of the patch is...

Cross site request forgery (csrf)

A vulnerability was found in destiny.gg chat. It has been rated as problematic. This issue affects the function websocket.Upgrader of the file main.go. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The name of the patch is...

destiny.gg chat 跨站请求伪造漏洞

destiny.gg chat is destiny.gg open source a destin.gg chat backend. destiny.gg chat suffers from a cross-site request forgery vulnerability that stems from a problem with the function websocket.Upgrader in the file main.go, which could lead to cross-site request forgery...

CVE-2020-36625

Destiny.gg chat contains a Cross-Site Request Forgery (CSRF) vulnerability affecting the websocket.Upgrader implementation in main.go. The issue enables CSRF due to insufficient validation in the websocket handling path and could be triggered remotely. A patch identified as bebd256fc3063111fb4503...

CVE-2020-36625 destiny.gg chat main.go websocket.Upgrader cross-site request forgery

A vulnerability was found in destiny.gg chat. It has been rated as problematic. This issue affects the function websocket.Upgrader of the file main.go. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The name of the patch is...

CVE-2020-36625 destiny.gg chat main.go websocket.Upgrader cross-site request forgery

A vulnerability was found in destiny.gg chat. It has been rated as problematic. This issue affects the function websocket.Upgrader of the file main.go. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The name of the patch is...

Privilege Escalation

github.com/coreos/ignition is vulnerable to Privilege Escalation. The vulnerability exists due to the main function of main.go does not properly set the ignition-apply and ignition-rmcfg parameters according to the filepath.base arguments, allowing an attacker to access unprivileged containers in...

Race Condition

github.com/ntbosscher/gobase, is vulnerable to race conditions. The vulnerability exists in the httpauth function in the main.go file allowing an attacker to redirect HTTP requests to incorrect routing...

laravelN00b - Automated Scan .env Files And Checking Debug Mode In Victim Host

Incorrect configuration allows you to access .env files or reading env variables. LaravelN00b automated scan .env files and checking debug mode in victim host. Scan rationale Scan host. Resolve IP adress and check .env file in IP Adress Checking debug mode Laravel Read .env variables Installation...