5 matches found
Institute Admission Software 2.5 Insecure Direct Object Reference
Institute Admission Software version 2.5 suffers from an insecure direct object reference vulnerability. Title: Institute Admission Software 2.5 IDOR...
Now-Patched Fortinet FortiWeb Flaw Exploited in Attacks to Create Admin Accounts
Cybersecurity researchers are sounding the alert about an authentication bypass vulnerability in Fortinet FortiWeb Web Application Firewall (WAF) that could allow an attacker to take over admin accounts and completely compromise a device. "The watchTowr team is seeing active, indiscriminate...
PT-2025-34150 · Dts-Shop · Dts-Shop
Name of the Vulnerable Software and Affected Versions: dts-shop version 0.0.1-SNAPSHOT Description: Incorrect access control in dts-shop allows attackers to bypass authentication by sending a crafted payload to the /admin/auth/index API endpoint. Recommendations: As a temporary workaround, restri...
Exploit for CVE-2017-17562
GoAhead Web Server 2.5 use multi/handler msf6 exploitmulti/h...
CVE-2015-5022
IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.32, when access by guests is enabled, place an internal hostname and a payload path in a response, which allows remote authenticated users to obtain sensitive information ...