14726 matches found

Cvelist
added 2026/06/02 3:57 p.m., 35 views

CVE-2024-42206 HCL iReflection Use of Third party vulnerable and outdated components issue was detected in the web application.

HCL iReflection Third party vulnerable and outdated components issue was detected in the web application...

CVSS 3.1, EPSS 0.00151, Exploits 0, References 1
Packet Storm News
added 2026/06/02 12:0 a.m., 8 views

WebADM Security Auditor and Content Exposure Scanner

This Python script is a defensive security auditing tool designed to analyze a target web application for potential information exposure and security misconfigurations, specifically focusing on environments resembling WebADM. This was tested on version 2.4.17-1...

AI score 5.8, Exploits 0
Positive Technologies
added 2026/06/02 12:0 a.m., 12 views

PT-2026-45793

HCL iReflection Third party vulnerable and outdated components issue was detected in the web application...

CVSS 3.1, AI score 5.8, EPSS 0.00151, Exploits 0, References 2
Snyk
added 2026/06/01 9:0 p.m., 7 views

Malicious Package

Overview nottuff23 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

CVSS 9.8, AI score 5.8, Exploits 0, References 2
Cvelist
added 2026/06/01 12:45 p.m., 31 views

CVE-2026-10258 itsourcecode Content Management System add_sub_topic.php sql injection

A weakness has been identified in itsourcecode Content Management System 1.0. Impacted is an unknown function of the file /admin/add_sub_topic.php. This manipulation of the argument topicid causes SQL injection. The attack is possible to be carried out remotely. The exploit has been made available ...

CVSS 6.5, EPSS 0.002, Exploits 0, References 6
GithubExploit
added 2026/06/01 12:8 p.m., 88 views

web-app-pentest-altoromutual

Web Application Penetration Test — AltoroMutual demo.testfire...

AI score 5.8, Exploits 0
GithubExploit
added 2026/06/01 9:25 a.m., 72 views

bastion-waf-simulator

BASTION — Web Application Firewall Simulator A real-time We...

AI score 6, Exploits 0
Fedora
added 2026/06/01 1:1 a.m., 15 views

[SECURITY] Fedora 43 Update: nginx-mod-naxsi-1.6-18.fc43

naxsi is an nginx module that provides score-based Web Application Firewall (WAF) abilities in a highly granular fashion...

CVSS 9.2, AI score 5.8, EPSS 0.02596, Exploits 3
NVD
added 2026/05/31 8:16 a.m., 12 views

CVE-2026-10173

A weakness has been identified in Orthanc Explorer 2 up to 1.12.0. The impacted element is an unknown function of the file WebApplication/src/components/StudyList.vue of the component URL Handler. This manipulation of the argument remote-source causes cross site scripting. It is possible to...

CVSS 5.3, EPSS 0.00278, Exploits 0, References 6
GithubExploit
added 2026/05/30 7:48 a.m., 72 views

web-application-security-testing-tool

web-application-security-testing-tool A Python-based Web Appli...

AI score 5.9, Exploits 0
GithubExploit
added 2026/05/29 9:52 p.m., 72 views

NileBank-Vulnerable-App

NileBank - Web Pen Testing Project A realistic bank web appli...

AI score 5.9, Exploits 0
RedhatCVE
added 2026/05/29 8:13 p.m., 12 views

CVE-2026-30760

An issue in SourceBans Material Admin before v.1.1.6 3ecd95e allows attackers to manipulate arbitrary user data in the web app via a crafted XAJAX call...

CVSS 7.3, AI score 5.9, EPSS 0.00308, Exploits 0, References 1
Akamai Blog
added 2026/05/28 12:0 p.m., 9 views

Consistent Protections Without Compromise: Akamai’s WAF Is Now on AWS Marketplace

...

AI score 5.8, Exploits 0
Fedora
added 2026/05/28 1:13 a.m., 13 views

[SECURITY] Fedora 44 Update: nginx-mod-naxsi-1.6-18.fc44

naxsi is an nginx module that provides score-based Web Application Firewall (WAF) abilities in a highly granular fashion...

CVSS 9.2, AI score 5.8, EPSS 0.02596, Exploits 3
Positive Technologies
added 2026/05/28 12:0 a.m., 12 views

PT-2026-44461

An issue in SourceBans Material Admin before v.1.1.6 3ecd95e allows attackers to manipulate arbitrary user data in the web app via a crafted XAJAX call...

AI score 5.9, EPSS 0.00308, Exploits 0, References 5
NVD
added 2026/05/27 10:16 p.m., 19 views

CVE-2026-45083

The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. From 4.8.0 to before 26.04.1, the Goobi viewer REST endpoint POST /api/v1/index/stream accepted an arbitrary Solr streaming expression from unauthenticated network clients and forwarded it to th...

CVSS 9.8, EPSS 0.0041, Exploits 0, References 3
NVD
added 2026/05/27 8:16 p.m., 8 views

CVE-2026-44886

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. From 2024-06-29 to before 2026-05-07, the web application endpoint is vulnerable to SQL injection. The /pialert/php/server/devices.php route accepts requests from unauthenticated users when the action URL parameter is set to...

CVSS 8.7, EPSS 0.00248, Exploits 0, References 1
RedHat Linux
added 2026/05/27 9:4 a.m., 8 views

dotnet: .NET: infinite loop allows an attacker to cause a denial of service

A flaw was found in dotnet. An infinite loop in ASP.NET Core allows an unauthenticated remote attacker to cause a denial of service over a network. This issue can lead to an application crash and a high consumption of system resources...

CVSS 7.5, AI score 5.8, EPSS 0.01177, Exploits 0, References 5
CNNVD
added 2026/05/27 12:0 a.m., 8 views

Pi.Alert SQL injection vulnerability

Pi.Alert is a WIFI/LAN intrusion detector developed by the individual developer jokob-sk. Versions of Pi.Alert prior to version 2026-05-07 contained an SQL injection vulnerability. This vulnerability stemmed from improper handling of the action and scansource parameters in requests sent to...

CVSS 8.7, AI score 5.9, EPSS 0.00248, Exploits 0, References 1
SUSE CVE
added 2026/05/26 1:52 a.m., 16 views

SUSE CVE-2026-42268

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. From 3.0.0 to before 3.0.15, there is an unhandled exception std::out_of_range caused by unsigned integer underflow in libmodsecurity3 if the user administrator uses a rule any of @verifySSN...

CVSS 7.5, AI score 5.6, EPSS 0.00396, Exploits 1, References 3