14724 matches found
ai-security-poc
AI Security POC A fully containerised proof-of-concept for te...
listmonk Admin Authentication / Password Flow Security Assessment Module
This Metasploit auxiliary module is a web application security testing tool designed to evaluate authentication and password management logic in a Listmonk admin panel deployment...
Command-Injection
📄 Write-up : Command Injection - Filter Bypass Root-Me Challe...
hospital-waf-mcp
Hospital WAF Management System Release: v1.0.0 Languag...
Web-Application-Pentest-Report
Web-Application-Pentest-Report OWASP methodology penetration t...
EUVD-2026-24748
A vulnerability in the web application allows unauthorized users to access and manipulate sensitive data across different tenants by exploiting insecure direct object references. This could lead to unauthorized access to sensitive information and unauthorized changes to the tenant's configuration...
EUVD-2026-24750
A vulnerability in the web application allows standard users to escalate their privileges to those of a super administrator through parameter manipulation, enabling them to access and modify sensitive information...
CVE-2026-6356
A vulnerability in the web application allows standard users to escalate their privileges to those of a super administrator through parameter manipulation, enabling them to access and modify sensitive information...
CVE-2026-33611
An operator allowed to use the REST API can cause the Authoritative server to produce invalid HTTPS or SVCB record data, which can in turn cause LMDB database corruption, if using the LMDB backend...
CVE-2026-6356 CVE-2026-6356
A vulnerability in the web application allows standard users to escalate their privileges to those of a super administrator through parameter manipulation, enabling them to access and modify sensitive information...
CVE-2026-6356 CVE-2026-6356
A vulnerability in the web application allows standard users to escalate their privileges to those of a super administrator through parameter manipulation, enabling them to access and modify sensitive information...
CVE-2026-6356
A vulnerability in the web application allows standard users to escalate their privileges to those of a super administrator through parameter manipulation, enabling them to access and modify sensitive information...
CVE-2026-6356
Technical details are not publicly available in the provided documents. No affected product/version, exploit details, or remediation are specified here. Monitor for updates from official sources.
CVE-2026-6355
CVE-2026-6355 describes a vulnerability in a web application where unauthorized users can access and manipulate sensitive data across tenants by exploiting insecure direct object references. The root cause is insecure handling of object identifiers that allows cross-tenant access and configuratio...
CVE-2026-6355 CVE-2026-6355
A vulnerability in the web application allows unauthorized users to access and manipulate sensitive data across different tenants by exploiting insecure direct object references. This could lead to unauthorized access to sensitive information and unauthorized changes to the tenant's configuration...
Enterprise-Grade Application Security, Cloud-Native Speed: Introducing Imperva for Google Cloud
In today’s dynamic digital environment, the pressure to innovate has never been greater. Development teams are pushing for native cloud tools to maximize performance and cost-efficiency, while security teams require best-of-breed, enterprise-grade protection to defend against an ever-evolving...
PT-2026-34335
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A flaw in the web application allows standard users to escalate their privileges to those of a super administrator through parameter manipulation, enabling them ...
WeKan 安全漏洞
WeKan is an open-source dashboard application developed by WeKan. Versions of WeKan prior to 8.35 contained security vulnerabilities. These vulnerabilities stemmed from insufficient authorization checks for Integration REST API endpoints, which could allow authenticated dashboard members to perfo...
PT-2026-34334
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An insecure direct object reference allows unauthorized users to access and manipulate sensitive data across different tenants. This can result in unauthorized...
Exploit for Cross-site Scripting in Bdtask Multi_Store_Inventory_Management_System
CVE-2024-2997 Scanner !Versionhttps://img.shields.io/badge...