12 matches found
PYSEC-2026-118
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.8.16, the OpenCTI platform’s data ingestion feature accepts user-supplied URLs without validation and uses the Axios HTTP client with its default configuration allowAbsoluteUrls: true...
CVE-2026-21887 OpenCTI has a Semi-Blind SSRF via Unvalidated External URL in Data Ingestion Feature
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.8.16, the OpenCTI platform’s data ingestion feature accepts user-supplied URLs without validation and uses the Axios HTTP client with its default configuration allowAbsoluteUrls: true...
CVE-2026-21887 OpenCTI has a Semi-Blind SSRF via Unvalidated External URL in Data Ingestion Feature
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.8.16, the OpenCTI platform’s data ingestion feature accepts user-supplied URLs without validation and uses the Axios HTTP client with its default configuration allowAbsoluteUrls: true...
CVE-2026-21887 OpenCTI has a Semi-Blind SSRF via Unvalidated External URL in Data Ingestion Feature
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.8.16, the OpenCTI platform’s data ingestion feature accepts user-supplied URLs without validation and uses the Axios HTTP client with its default configuration allowAbsoluteUrls: true...
EUVD-2026-11599
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.8.16, the OpenCTI platform’s data ingestion feature accepts user-supplied URLs without validation and uses the Axios HTTP client with its default configuration allowAbsoluteUrls: true...
PT-2026-25009
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.8.16, the OpenCTI platform’s data ingestion feature accepts user-supplied URLs without validation and uses the Axios HTTP client with its default configuration allowAbsoluteUrls: true...
Command injection
Authenticated Semi-Blind Command Injection via Parameter Injection exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via the getlogs.cgi tcpdump feature. This affects Nexto NX3003 1.8.11.0, Nexto NX3004 1.8.11.0, Nexto NX3005 1.8.11.0, Nexto NX3010 1.8.3.0, Nexto NX3020 1.8.3.0, Nexto...
多款Altus Sistemas de Automacao产品操作系统操作系统命令注入漏洞
The Altus Sistemas de Automacao Nexto NX30xx, among others, is an industrial automation device from the Brazilian company Altus Sistemas de Automacao. An operating system command injection vulnerability exists in several Altus Sistemas de Automacao devices. The vulnerability stems from the tcpdum...
MyBB 1.8.25 SQL Injection
Exploit Title: MyBB 1.8.25 - Poll Vote Count SQL Injection Exploit Author: SivertPL [email protected] Date: 20.03.2021 Description: Lack of sanitization in the "votes" parameter in "Edit Poll" causes a second-order semi-blind SQL Injection that is triggered when performing a "Move/Copy"...
MyBB 1.8.25 - Poll Vote Count SQL Injection
Exploit Title: MyBB 1.8.25 - Poll Vote Count SQL Injection Exploit Author: SivertPL [email protected] Date: 20.03.2021 Description: Lack of sanitization in the "votes" parameter in "Edit Poll" causes a second-order semi-blind SQL Injection that is triggered when performing a "Move/Copy"...
RunCMS 2M1 SQL Injection
query$sql redirectheader"index.php", 2, MDCANTGETFORUM; exit; ... 'forum' variable is taken from $POST array and inserted in a sql query without prior santization and without being surrounded by quotes. Then you can subsequently manipulate this query in /modules/forum/class/class.permissions.php ...
RunCMS 2ma post.php SQL injection
Exploit for unknown platform in category web applications ================================= RunCMS 2ma post.php SQL injection ================================= query$sql redirectheader"index.php", 2, MDCANTGETFORUM; exit; ... 'forum' variable is taken from $POST array and inserted in a sql query...