[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":36,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":43,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":49,"vulnerability-29436":56},[4,15,24,30],{"title":5,"slug":6,"text":7,"link":8,"external":9,"targets":10,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 - CVE Page","nginx-rift-cve-page","🚨 New: FREE SCANNER for NGINX Rift (CVE-2026-42945). No account needed.","https://pentest-tools.com/network-vulnerability-scanning/cve-2026-42945-scanner-nginx-rift",true,[11],"/vulnerabilities-exploits/nginx-heap-buffer-overflow_29311","Scan for free","secondary","nginx-rift",{"title":16,"slug":17,"text":18,"link":19,"external":9,"targets":20,"cta":22,"variant":13,"campaign_id":23},"phpBB authentication bypass - Sniper","phpbb-authentication-bypass-sniper","PoC details now live: 2 new CVEs our research team discovered in phpBB","https://pentest-tools.com/research/phpbb-authentication-bypass",[21],"/exploit-helpers/sniper","See the details","phpbb-authentication-bypass",{"title":25,"slug":26,"text":18,"link":19,"external":9,"targets":27,"cta":29,"variant":13,"campaign_id":23},"phpBB authentication bypass - CVE page","phpbb-authentication-bypass-cve",[28],"/vulnerabilities-exploits","Read the research",{"title":31,"slug":32,"text":33,"link":19,"external":9,"targets":34,"cta":35,"variant":13,"campaign_id":23},"phpBB authentication bypass - VulnDB homepage","phpbb-authentication-bypass-vulndb","The Network Scanner detects 2 new phpBB CVEs our research team found",[28],"See the PoC details",["Island",37],{"key":38,"params":39,"result":41},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":40},"{}",{"head":42},{},["Island",44],{"key":45,"params":46,"result":47},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":40},{"head":48},{},["Island",50],{"key":51,"params":52,"result":54},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":53},"{\"text-color\":\"gray\"}",{"head":55},{},{"id":57,"detectable_with":58,"vuln_details":65,"vuln_id":81,"name":82,"published":83,"updated":66},29436,{"tool":59,"engine":62},{"id":60,"name":61},1,"Network Scanner",{"id":63,"name":64},2,"Nuclei",{"id":57,"codename":66,"description":66,"severity":67,"risk_description":68,"public_description":69,"public_recommendation":70,"recommendation":66,"references":71,"cvssv3":74,"epss_score":75,"epss_percentile":76,"cve":77,"in_cisa_catalog":79,"date":80,"software_type":66,"vendor":66,"product":66,"ptt_exploit_capabilities":66},null,"critical","An unauthenticated attacker can log in as any user including administrators, gaining full control over the phpBB forum, leading to data theft, defacement, and complete forum takeover.","phpBB before 3.3.17 contains an authentication bypass vulnerability in the login-link feature. By setting the auth_provider query parameter to \"apache\", an unauthenticated attacker can bypass password verification and log in as any user, including administrators. The Apache auth provider trusts the Basic authentication header username without password verification, as it assumes Apache handles authentication upstream.","Upgrade phpBB to version 3.3.17 or later.",[72,73],"https://www.aikido.dev/blog/authentication-bypass-phpbb-technical-writeup","https://nvd.nist.gov/vuln/detail/CVE-2026-48611",9.8,0.02865,0.85096,[78],"CVE-2026-48611",false,"2026-06-12T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2026-48611","phpBB \u003C 3.3.17 - Authentication Bypass","2026-07-06T00:00:00Z"]