136 matches found
FatPipe WARP/IPVPN/MPVPN - Backdoor Account
FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 contain an account named "cmuser" with administrative privileges and no password, letting attackers gain unauthorized admin access, exploit requires no authentication. id: CVE-2021-27856 info: name: FatPipe...
CVE-2026-55207
Pimcore is an Open Source Data & Experience Management Platform. Prior to 2025.4.6 and 2026.1.6, an unauthenticated attacker who knows a valid admin username can take over any Pimcore admin account by sending a password reset request with an attacker-controlled resetPasswordUrl. The server...
CVE-2026-12375
The uncanny-automator-pro WordPress plugin before 7.3.0.6 was distributed with malicious code after the vendor's uncanny-automator-pro WordPress plugin before 7.3.0.6 update/distribution infrastructure was compromised; the injected backdoor grants unauthenticated attackers an administrator sessio...
CVE-2026-12375 Uncanny Automator Pro 7.3.0.5 - Backdoor via Compromised Vendor Update Server
The uncanny-automator-pro WordPress plugin before 7.3.0.6 was distributed with malicious code after the vendor's uncanny-automator-pro WordPress plugin before 7.3.0.6 update/distribution infrastructure was compromised; the injected backdoor grants unauthenticated attackers an administrator sessio...
PT-2026-56148
Name of the Vulnerable Software and Affected Versions uncanny-automator-pro WordPress plugin versions prior to 7.3.0.6 Description The software was distributed with malicious code following a compromise of the vendor's update and distribution infrastructure. This supply chain compromise introduce...
CVE-2026-58466
AutoBangumi before 3.2.8 contains a hard-coded default credentials vulnerability that allows unauthenticated attackers to authenticate as the administrator by using the publicly known default credentials seeded at startup via adddefaultuser in the database user module when the users table is empt...
CVE-2026-54069
SiYuan Note
CVE-2026-33543 FOSSBilling: Authentication bypass allows unauthenticated administrator creation
FOSSBilling is a free, open-source billing and client management system. Versions 0.7.2 and prior expose a guest API endpoint, /api/guest/staff/create, intended for initial administrator bootstrap. Due to a flawed admin-existence check, the endpoint remains usable after an administrator already...
CVE-2026-33543
FOSSBilling versions 0.7.2 and earlier expose a guest API endpoint /api/guest/staff/create intended for initial admin bootstrap. A flawed admin-existence check (is_countable() used on a Model_Admin object or null) makes the guard always evaluate true, allowing unauthenticated creation of an admin...
CVE-2026-8935
The CVE concerns the WP MAPS PRO WordPress plugin prior to version 6.1.1. The vulnerability arises from an unauthenticated AJAX action that, when a valid nonce (publicly emitted on frontend pages enqueuing the map script) is supplied, unconditionally creates an administrator account and returns a...
CVE-2026-41448
AdGuard Home, when started with the --glinet flag, contains an authentication bypass vulnerability that allows unauthenticated attackers to gain full admin access by supplying a path traversal sequence in the Admin-Token cookie, exploiting unsanitized string concatenation in the token file path...
Exploit for CVE-2026-8732
CVE-2026-8732 – WordPress WP Maps Pro Exploit Unauthenticat...
WordPress plugin Frontend Admin by DynamiApps 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2026-9141 Taiko AG1000-01A Rev 7.3/8 Authentication Bypass via Web Interface
Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains an authentication bypass vulnerability in the embedded web configuration interface that allows unauthenticated attackers to access internal application pages without any session management or server-side authentication checks. Attacker...
GestioIP 3.5.7 Remote Command Execution
This Metasploit module exploits a command execution via file upload. If GestioIP is configured to use no authentication for admin account, no password is required to exploit the vulnerability. Otherwise, an authenticated user with admin right on the web site is required to exploit...
CVE-2026-1749
There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission...
PT-2026-39734
Name of the Vulnerable Software and Affected Versions SOCFortress CoPilot versions prior to 0.1.57 Description The application contains a hardcoded JSON Web Token JWT signing secret used as a fallback value in the backend/app/auth/utils.py file and the .env.example file. In deployments where the...
Hikvision HikCentral Professional 安全漏洞
Hikvision HikCentral Professional is a professional edition of the AI Cloud-based application management platform designed for edge domains by Hikvision, a Chinese company. Hikvision HikCentral Professional has security vulnerabilities, particularly an access control issue that may allow...
CVE-2026-41492 Unauthenticated Admin Token Disclosure Leading to Authentication Bypass via /debug/vars in Dgraph
Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, Dgraphl exposes the process command line through the unauthenticated /debug/vars endpoint on Alpha. Because the admin token is commonly supplied via the --security "token=..." startup flag, an unauthenticated attacker can...
EUVD-2026-25576
Missing JWT signature verification in AWS Ops Wheel allows unauthenticated attackers to forge JWT tokens and gain unintended administrative access to the application, including the ability to read, modify, and delete all application data across tenants and manage Cognito user accounts within the...