MamaBaohe ERP Management Cloud Platform SQL Injection Overview | Field | Value | |-------|-------| | Product | Maternal and Child Health ERP Manage...
CVE-2026-39938: Cacti " 3.2 Execute the Code by Including Log File bash curl -k -s "http://target-cacti/graphimage.php?action=view&localgraphid=1&g...
CVE-2026-20253 - Splunk Enterprise Pre-Auth RCE PoC ⚠️ ADVERTENCIA: Este script es solo para fines educativos y de prueba en entornos autorizados. ...
Docmost versions prior to 0.71.0 suffer from a persistent cross site scripting vulnerability...
TypeBot versions prior to 3.16.0 suffer from a server-side request forgery vulnerability...
A low-privileged Docmost user could supply a victim attachmentId to the generic upload endpoint and overwrite another page's stored attachment insi...
Yeoman Environment versions 2.9.0 through 6.0.0 have an issue where missing generators can be installed without user confirmation, turning attacker...
Penpot's remote image import let an authenticated file editor turn a normal media convenience feature into backend-origin server-side request forge...
Plane's asset subsystem trusted workspace slugs and asset UUIDs without enforcing the right membership checks, which let one authenticated user rea...
In Docmost versions 0.70.0 through 0.70.2, restricted child pages hidden from public share viewers could still leak through public share search res...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
