7 matches found
CVE-2026-7167
The CVE-2026-7167 entry concerns the Assassin game by Gaudire. It identifies a flaw in the authentication flow where the system improperly validates the 'email' field, allowing unverified or fake email addresses to be used to create accounts. The underlying cause is insufficient validation during...
EUVD-2026-38237
The vulnerability arises when the system fails to properly validate the 'email' field during the authentication process, allowing unverified or fake email addresses to be accepted. This lack of validation enables the creation of user accounts with fake email addresses, facilitating the mass...
CVE-2026-7167
The vulnerability arises when the system fails to properly validate the 'email' field during the authentication process, allowing unverified or fake email addresses to be accepted. This lack of validation enables the creation of user accounts with fake email addresses, facilitating the mass...
CVE-2025-61777 FlagForge Allows Unauthenticated Badge Template API Access
Flag Forge is a Capture The Flag CTF platform. Starting in version 2.0.0 and prior to version 2.3.2, the /api/admin/badge-templates GET and /api/admin/badge-templates/create POST endpoints previously allowed access without authentication or authorization. This could have enabled unauthorized user...
Arbitrary File Read And Write
org.apache.karaf.shell.core is vulnerable to arbitrary file read and write. A user with rights to the Karaf console is able to read or write any file on the file system, which would allow an attacker with access to the sshd service to abuse the vulnerability to read or write arbitrary files on th...
BEWARE of new Facebook Malware Claims, 'Malaysia Plane MH370 Has Been Spotted'
Hackers are very smart on gaining from every opportunity they get and this time the lost Malaysian Airlines flight MH370 gave them a chance to hijack, not the plane, but you all sitting over their operating your Facebook account and having an eye on every news related to the Mysterious Malaysian...
Conceptronic Grab'n'Go Authorization Bypass
Security Advisory AA-005: Authorization Bypass Vulnerability in Password Reset Function Conceptronic Grab’n’Go Network Storage 0-day Severity Rating: High Discovery Date: July 29, 2012 Vendor Notification: July 30, 2012 Disclosure Date: September 6, 2012 Vulnerability Type= Authorization Bypass...