CVE-2026-26980 — Ghost CMS Content API Blind SQL Injection Affected: Ghost 3.24.0 – 6.19.0 Fixed in: Ghost 6.19.1 Auth required: None — Content API...
pocsmith pocsmith generates modular Python proof-of-concept templates from alias flags or YAML profiles. Install From GitHub with pipx: bash pipx i...
Sql-injection-scanner Developing a security scanning tool that can quickly, reliably, and automatically detect SQL Injection vulnerabilities in web...
CVE-2026-34212 Docmost accepted a javascript: URL inside an attachment node, preserved it through storage and rendering, and turned it back into a ...
CVE-2026-34213 A low-privileged Docmost user could supply a victim attachmentId to the generic upload endpoint and overwrite another page's stored ...
CVE-2026-34207 The SSRF filter checked hostname text, but the actual destination was decided later by DNS. That gap let attacker-controlled Webhook...
CVE-2026-46558 Plane’s V2 asset subsystem trusted workspace slugs and asset UUIDs without enforcing the right membership checks, which let one auth...
Web Security Auditor Auditor automático de seguridad web desarrollado en Python. Esta herramienta está diseñada para ayudar a administradores y des...
No description provided...
CVE-2026-54807 CVE-2026-54807 WooCommerce Privilege Escalation ║ ║ Unauthenticated Admin Role Assignment via Reg. Form PRİV8 TOOLS AND EXPLOİT CANA...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
