PT-2026-26291

CVE-2026-30711 Devome GRR v4.5.0 was discovered to contain multiple authenticated SQL injection vulnerabilities in the include/session.inc.php file via the referer and user-agent. https://t.co/VA5JZrI5IV...

CVE-2006-5116

Multiple cross-site request forgery CSRF vulnerabilities in phpMyAdmin before 2.9.1-rc1 allow remote attackers to perform unauthorized actions as another user by 1 directly setting a token in the URL though dynamic variable evaluation and 2 unsetting arbitrary variables via the REQUEST array,...

Remote file inclusion

DISPUTED PHP remote file inclusion vulnerability in session.inc.php in ISPConfig 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the goinfoserverclassesroot parameter. NOTE: the vendor has disputed this vulnerability, saying that session.inc.php is not under t...

[Full-disclosure] Confixx Index.PHP SQL Injection Vulnerability (Exploit - not new vuln)

Here is more information on the confixx vuln released by LoK Crew. Sorry for the poor quality of this posting, I was short of time. Product: ^^^^^^^ Confixx is a comprehensive control panel that provides the best value, proven quality, fully developed feature set and quality support. The software...