CVE-2026-XXXXX Unauthenticated Blind SQL Injection in e107 CMS Comment System via Unsafe toDB + select Chain --- Advisory Information | Field | Val...
CVE-2026-XXXXX Unauthenticated Arbitrary File Upload RCE + SQL Injection in Doctor Patient Portal --- Advisory Information | Field | Value | |-----...
Laravel FileManager Unrestricted File Upload CVE-2025-56399 CWE-434: Unrestricted Upload of File with Dangerous Type CVSS Score: 8.5 High --- 📋 De...
Nexploit Advanced Offensive Security Recon & Exploitation Framework Features - Reconnaissance - Web Scanning - Fuzzing - AI Analysis - Reporting De...
CVE Reports Security vulnerability reports and proof-of-concept code. Structure ├── reports/ Vulnerability reports ├── pocs/ Proof of Concept code ...
CVE-2026-XXXXX Unauthenticated Arbitrary File Upload RCE + SQL Injection in Student Registration System --- Advisory Information | Field | Value | ...
Nmap through 7.99 does not keep the IPv6 extension-header walk within the captured packet in ipv6_get_data_primitive (libnetutil/netutil.cc), so th...
Flowise before 3.1.3 validates Custom MCP stdio environment variables against a denylist using a case-sensitive comparison, so on Windows, where en...
RustDesk gates incoming control messages on per-capability flags rather than on the session's authorized connection type, and a file-transfer sessi...
nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade request that also carries a Content-Length header and body onto reusable keep-a...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
