[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":3,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":10,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":16,"vulnerability-26560":23,"all-banners":44},["Island",4],{"key":5,"params":6,"result":8},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":7},"{}",{"head":9},{},["Island",11],{"key":12,"params":13,"result":14},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":7},{"head":15},{},["Island",17],{"key":18,"params":19,"result":21},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":20},"{\"text-color\":\"gray\"}",{"head":22},{},{"id":24,"detectable_with":25,"vuln_details":32,"vuln_id":41,"name":42,"published":43,"updated":33},26560,{"tool":26,"engine":29},{"id":27,"name":28},1,"Network Scanner",{"id":30,"name":31},2,"Nuclei",{"id":24,"codename":33,"description":33,"severity":34,"risk_description":35,"public_description":36,"public_recommendation":37,"recommendation":33,"references":38,"cvssv3":33,"epss_score":33,"epss_percentile":33,"cve":33,"in_cisa_catalog":40,"date":33,"software_type":33,"vendor":33,"product":33,"ptt_exploit_capabilities":33},null,"high","The risk exists that an attacker can use the vulnerability identified to perform further attacks on the server.","The Spring Expression Language (SpEL for short) is a powerful expression language that supports querying and manipulating an object graph at runtime. The language syntax is similar to Unified EL but offers additional features, most notably method invocation and basic string templating functionality.","We recommend reviewing the purpose of the application or the server and applying patches, if applicable.",[39],"https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Server%20Side%20Template%20Injection/Java.md#spel---command-execution",false,"NETSCAN-NUCLEI-VULNERABILITIES-SPRING-EXPRESSION-OOB","Spring Expression Language - Out of Band Template Injection","2025-02-24T00:00:00Z",[45,56,62,71,78],{"title":46,"slug":47,"text":48,"link":49,"external":50,"targets":51,"cta":53,"variant":54,"campaign_id":55},"NGINX Rift free scanner - CVE-2026-42945 - CVE Page","nginx-rift-cve-page","🚨 New: FREE SCANNER for NGINX Rift (CVE-2026-42945). No account needed.","https://pentest-tools.com/network-vulnerability-scanning/cve-2026-42945-scanner-nginx-rift",true,[52],"/vulnerabilities-exploits/nginx-heap-buffer-overflow_29311","Scan for free","secondary","nginx-rift",{"title":57,"slug":58,"text":59,"link":49,"external":50,"targets":60,"cta":53,"variant":54,"campaign_id":55},"NGINX Rift free scanner - CVE-2026-42945 -blog","nginx-rift-blog","🚨 New: free scanner for NGINX Rift (CVE-2026-42945). Check your targets now.",[61],"/blog",{"title":63,"slug":64,"text":65,"link":66,"external":50,"targets":67,"cta":69,"variant":54,"campaign_id":70},"phpBB authentication bypass - VulnDB homepage","phpbb-authentication-bypass-vulndb","Detect 2 new CVEs our research team discovered in phpBB","https://pentest-tools.com/vulnerabilities-exploits/phpbb-authentication-bypass_29369",[68],"/vulnerabilities-exploits","See the details","phpbb-authentication-bypass",{"title":72,"slug":73,"text":74,"link":75,"external":50,"targets":76,"cta":77,"variant":54,"campaign_id":70},"phpBB authentication bypass - CVE page","phpbb-authentication-bypass-cve","See how our research team discovered these 2 new CVEs in phpBB","https://pentest-tools.com/research/phpbb-authentication-bypass",[68],"Read the research",{"title":79,"slug":80,"text":65,"link":66,"external":50,"targets":81,"cta":69,"variant":54,"campaign_id":70},"phpBB authentication bypass - Sniper","phpbb-authentication-bypass-sniper",[82],"/exploit-helpers/sniper"]