web-application
44 articles with this tag
HIGH
CRITICAL
HIGH
MEDIUM
HIGH
HIGH
MEDIUM
HIGH
CRITICAL
MEDIUM
MEDIUM
HIGH
MEDIUM
HIGH
HIGH
HIGH
MEDIUM
HIGH
MEDIUM
MEDIUM
HIGH
HIGH
MEDIUM
HIGH
HIGH
CRITICAL
MEDIUM
HIGH
HIGH
HIGH
CRITICAL
MEDIUM
HIGH
CRITICAL
HIGH
HIGH
MEDIUM
HIGH
HIGH
MEDIUM
CRITICAL
MEDIUM
MEDIUM
HIGH
[NEU] [mittel] Mattermost Server: Schwachstelle ermöglicht nicht spezifizierten Angriff
Microsoft Exchange Zero-Day Under Attack, No Patch Available
[NEU] [hoch] GitLab: Mehrere Schwachstellen
[NEU] [mittel] MISP: Schwachstelle ermöglicht Cross-Site Scripting
[webapps] FUXA 1.2.8 - Authentication Bypass + RCE Exploit
[webapps] HUSTOJ Zip-Slip v26.01.24 - RCE
[webapps] Camaleon CMS v2.9.0 - Path Traversal
USN-8223-1: Roundcube Webmail vulnerabilities
[webapps] Craft CMS 5.6.16 - RCE
[webapps] HAX CMS 24.x - Stored Cross-Site Scripting (XSS)
[webapps] phpMyFAQ 4.0.16 - Improper Authorization
[webapps] OpenKM 6.3.12 - Multiple
[webapps] FacturaScripts 2025.43 - XSS
[webapps] JuzaWeb CMS 3.4.2 - Authenticated Remote Code Execution
[webapps] GUnet OpenEclass E-learning platform < 4.2 - Remote Code Execution (RCE)
[NEU] [hoch] GitLab: Mehrere Schwachstellen
[NEU] [mittel] Drupal (Obfuscate): Schwachstelle ermöglicht Cross-Site Scripting
[NEU] [hoch] Apache Airflow und Apache Airflow Keycloak Provider: Mehrere Schwachstellen
[NEU] [mittel] Pega Platform: Mehrere Schwachstellen
[NEU] [mittel] Snipe-IT: Schwachstelle ermöglicht Cross-Site Scripting
[NEU] [hoch] MediaWiki Erweiterungen: Mehrere Schwachstellen ermöglichen Cross-Site Scripting
[webapps] Jumbo Website Manager - Remote Code Execution
[NEU] [mittel] Drupal (Orejime): Schwachstelle ermöglicht Cross-Site Scripting
[webapps] xibocms 3.3.4 - RCE
[webapps] FortiWeb 8.0.2 - Remote Code Execution
[webapps] Horilla v1.3 - RCE
[NEU] [mittel] Snipe-IT: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen und potenziell Cross-Site Scripting
Multiples vulnérabilités dans GLPI (07 avril 2026)
[webapps] Fortinet FortiWeb v8.0.1 - Auth Bypass
[NEU] [mittel] Drupal (SAML SSO): Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
[NEU] [hoch] Checkmk: Mehrere Schwachstellen ermöglichen Cross-Site Scripting
Chaining file upload bypass and stored XSS to create admin accounts: walkthrough with Docker PoC lab
PolyShell attacks target 56% of all vulnerable Magento stores
Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
[NEU] [hoch] Angular: Schwachstelle ermöglicht Cross-Site Scripting
NCSC-2026-0087 [1.00] [M/H] Kwetsbaarheden verholpen in Adobe Commerce
[NEU] [niedrig] Fortinet FortiSIEM: Schwachstelle ermöglicht Cross-Site Scripting
[NEU] [hoch] xwiki Blog Application: Schwachstelle ermöglicht Cross-Site Scripting
[NEU] [hoch] Zammad: Mehrere Schwachstellen
USN-8067-1: Mailman vulnerability
[NEU] [hoch] Checkmk: Schwachstelle ermöglicht Cross-Site Scripting
Malicious URLs
Fraudster hacked hotel system, paid 1 cent for luxury rooms, Spanish cops say
Agentic AI Site 'Moltbook' Is Riddled With Security Risks