2 matches found
CVE-2026-40543 Missing Authorization in SOPlanning
SOPlanning does not enforce authorization for backup functionalities. An unauthenticated attacker can directly query backup-related endpoints and retrieve backup archives containing user databases with usernames and password hashes, as well as the config.csv file, which includes additional...
vBulletin index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection
Exploit for php platform in category remote exploits require 'msf/core' class Metasploit3 'vBulletin index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection', 'Description' = %q This module exploits a SQL injection vulnerability found in vBulletin 5 that has been used in the wild since...