Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 10 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-25875 PlaciPy Admin Privilege Escalation via Trusted JWT Claims Praskla-Technologyassessment-placipy--2026-02-09 21:07:15 Deep Dive
CVE-2026-25814 NoSQL Injection Risk via Unsanitized Query Parameters Praskla-Technologyassessment-placipy--2026-02-09 21:05:50 Deep Dive
CVE-2026-25813 PlaciPy Exposes Sensitive Data via Application Logs Praskla-Technologyassessment-placipy--2026-02-09 21:04:46 Deep Dive
CVE-2026-25812 PlaciPy is Missing CSRF Protection on State-Changing Endpoints Praskla-Technologyassessment-placipy--2026-02-09 21:03:37 Deep Dive
CVE-2026-25811 PlaciPy Email Domain Trust Enables Cross-Tenant Data Access (Multi-Tenant Isolation Failure) Praskla-Technologyassessment-placipy--2026-02-09 21:00:39 Deep Dive
CVE-2026-25809 PlaciPy Code Execution Allowed Without Assessment Active State Validation Praskla-Technologyassessment-placipy--2026-02-09 20:58:09 Deep Dive
CVE-2026-25806 PlaciPy has Missing Authorization Checks on Student Management Endpoints (IDOR) Praskla-Technologyassessment-placipy--2026-02-09 20:48:58 Deep Dive
CVE-2026-25810 PlaciPy is Missing Object-Level Authorization in student.submission.routes.ts Praskla-Technologyassessment-placipy--2026-02-09 20:48:54 Deep Dive
CVE-2026-25876 PlaciPy is Missing Authorization on Assessment Results Endpoint Praskla-Technologyassessment-placipy--2026-02-09 20:48:51 Deep Dive
CVE-2026-25753 PlaciPy has a Hard-Coded Default Password for All Student Accounts (Account Takeover) Praskla-Technologyassessment-placipy--2026-02-06 18:57:31 Deep Dive