176 matches found
fast-mcp-telegram: Bearer token path traversal bypasses reserved Telegram session protection
Summary fast-mcp-telegram validates HTTP Bearer tokens by joining the raw token string into a session-file path. The verifier rejects the exact reserved token telegram, but it does not reject path separators or normalize the path before checking whether the session file exists. A remote HTTP clie...
GHSA-RXW2-PC8J-VXWM fast-mcp-telegram: Bearer token path traversal bypasses reserved Telegram session protection
Summary fast-mcp-telegram validates HTTP Bearer tokens by joining the raw token string into a session-file path. The verifier rejects the exact reserved token telegram, but it does not reject path separators or normalize the path before checking whether the session file exists. A remote HTTP clie...
CVE-2019-25741
Mobatek MobaXterm 12.1 contains a structured exception handling SEH based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the...
CVE-2019-25741
Mobatek MobaXterm 12.1 contains a structured exception handling SEH based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the...
CVE-2019-25741 Mobatek MobaXterm 12.1 Buffer Overflow via Sessions File
Mobatek MobaXterm 12.1 contains a structured exception handling SEH based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the...
EUVD-2026-32958
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the fix for CVE-2026-33509 prevents setting storagefolder inside PKGDIR or userdir, but does NOT protect the Flask session directory /tmp/pyLoad/flask. An authenticated attacker can set storagefolder to...
UFO³ 操作系统命令注入漏洞
UFO³ is an open-source cross-device collaboration multi-agent task orchestration tool developed by Microsoft. Versions of UFO³ prior to v3.0.0 contained a vulnerability related to operating system command injection. This vulnerability stemmed from the use of ShellReceiver.runshell, which directly...
Exploit for Improper Neutralization of Null Byte or NUL Character in Wftpserver Wing_Ftp_Server
CVE-2025-47812 — Wing FTP Server Unauth RCE rewrite Python...
Exploit for Improper Input Validation in Adobe Commerce
CVE-2025-54236 - SessionReaper Lab Ambiente Docker para demon...
Exploit for Missing Authentication for Critical Function in Cpanel
CPANEL CVE EXPLOIT English | فارسی PersianREADME...
CVE-2026-7818 pgAdmin 4: Unsafe deserialization (CWE-502) in file-backed session manager leads to remote code execution
Deserialization of untrusted data CWE-502 in pgAdmin 4 FileBackedSessionManager. The session manager performed unsafe deserialization of session-file contents using Python's standard object-serialization module before performing any HMAC integrity check. Any file dropped into the sessions directo...
Exploit for Missing Authentication for Critical Function in Cpanel
cPanelSniper CVE-2026-41940 — c...
cPanelSniper-
cPanelSniper CVE-2026-41940 — c...
Exploit for Missing Authentication for Critical Function in Cpanel
CVE-2026-41940: cPanel/WHM Authentication Bypass Analysis...
CVE-2026-31718
The CVE-2026-31718 entries describe a use-after-free in ksmbd (Linux kernel in-kernel SMB3 server) triggered when a durable file handle survives a session disconnect. The root cause is an asymmetric cleanup of lock state: byte-range locks left on a freed conn->lock_list after fp->conn is nu...
Exploit for Missing Authentication for Critical Function in Cpanel
cPanelSniper CVE-2026-41940 — c...
Exploit for Missing Authentication for Critical Function in Cpanel
CVE-2026-41940 Detection & Verification !License: MIThttp...
CVE-2026-41940: cPanel & WHM Authentication Bypass
Overview On April 28, 2026, cPanel issued a security update to fix a critical vulnerability affecting the cPanel & WHM and WP Squared products. In the cPanel release notes, the bug was described as "an issue with session loading and saving." CVE-2026-41940, the identifier subsequently assigned on...
CVE-2026-35464
pyLoad is a free and open-source download manager written in Python. The fix for CVE-2026-33509 added an ADMINONLYOPTIONS set to block non-admin users from modifying security-critical config options. The storagefolder option is not in this set and passes the existing path restriction because the...
CVE-2026-30711
Devome GRR v4.5.0 was discovered to contain multiple authenticated SQL injection vulnerabilities in the include/session.inc.php file via the referer and user-agent...