CVE-2025-46826

CVE-2025-46826 affects the insa-auth authentication server (INSA Rouen). The issue is a minor Open-Redirect/secondary authentication bridge exposure that could allow third-party websites to access basic student information (name and number). It posed low risk, was not exploited, and a fix was dep...

CVE-2025-46826 insa-auth Open-Redirect on provided CAS server login endpoint

insa-auth is an authentication server for INSA Rouen. A minor issue allowed third-party websites to access the server's secondary authentication bridge, potentially revealing basic student information name and number. However, the issue posed minimal risk, was never exploited, and had limited...

Metasploit Wrap-Up

Metasploit Wrapup Windows print spooler vulnerability...again Here we have bwatters-r7 coming in with an exploit for CVE-2020-1337, a patch bypass for a Windows print spooler elevation of privilege vulnerability that was exploited in the wild last year. The original vulnerability, CVE-2020-1048,...

MS Patch Tuesday: Googler Zero-Day Fixed in 33 Days

Last month, when Google researcher Tavis Ormandy released details on a critical Help and Support Center vulnerability that exposed Windows XP and Windows Server 2003 users to malicious hacker attacks, Microsoft was publicly unhappy with the decision. Ormandy claims he spent five days negotiating...

Claroline v.1.8.11 Cross-Site Scripting

Author: Gerendi Sandor Attila Original Advisory: http://gsasec.blogspot.com/2009/05/claroline-v1811-cross-site-scripting.html Date: May 05, 2009 Package: Claroline 1.8.11 Product Homepage: http://www.claroline.net/ Versions Affected: v.1.8.11 Other versions may also be affected Severity: Medium...

Fwd: Re: phpnuke, security problem...

Hi, Due to this reply, i see no reason to delay this. No patch nor new version has been released, for a quick fix, see below. Regards, Joao Gouveia ------------ [email protected] Francisco Burzi [email protected] Joao Gouveia wrote: Helo Francisco, There is yet another security flaw with the new...