[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":3,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":10,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":16,"all-banners":23,"vulnerability-29353":76},["Island",4],{"key":5,"params":6,"result":8},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":7},"{}",{"head":9},{},["Island",11],{"key":12,"params":13,"result":14},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":7},{"head":15},{},["Island",17],{"key":18,"params":19,"result":21},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":20},"{\"text-color\":\"gray\"}",{"head":22},{},[24,35,41,57,65,71],{"title":25,"slug":26,"text":27,"link":28,"external":29,"targets":30,"cta":32,"variant":33,"campaign_id":34},"NGINX Rift free scanner - CVE-2026-42945 - CVE Page","nginx-rift-cve-page","🚨 New: FREE SCANNER for NGINX Rift (CVE-2026-42945). No account needed.","https://pentest-tools.com/network-vulnerability-scanning/cve-2026-42945-scanner-nginx-rift",true,[31],"/vulnerabilities-exploits/nginx-heap-buffer-overflow_29311","Scan for free","secondary","nginx-rift",{"title":36,"slug":37,"text":38,"link":28,"external":29,"targets":39,"cta":32,"variant":33,"campaign_id":34},"NGINX Rift free scanner - CVE-2026-42945 -blog","nginx-rift-blog","🚨 New: free scanner for NGINX Rift (CVE-2026-42945). Check your targets now.",[40],"/blog",{"title":42,"slug":43,"text":44,"link":45,"external":29,"targets":46,"cta":56,"variant":33,"campaign_id":43},"phpBB authentication bypass - PW Banners - research focused","phpbb-authentication-bypass","New research: phpBB authentication bypass discovered by Pentest-Tools.com","https://pentest-tools.com/research/phpbb-authentication-bypass",[47,48,49,50,51,52,53,54,55],"/","/network-vulnerability-scanning/port-scanner-online-nmap","/website-vulnerability-scanning/website-scanner","/information-gathering/find-subdomains-of-domain","/website-vulnerability-scanning/discover-hidden-directories-and-files","/features/attack-surface","/features/internal-network-scanning","/features/vulnerability-monitoring","/features/pentest-reporting","Discover the CVEs",{"title":58,"slug":59,"text":60,"link":61,"external":29,"targets":62,"cta":64,"variant":33,"campaign_id":43},"phpBB authentication bypass - VulnDB homepage","phpbb-authentication-bypass-vulndb","Detect 2 new CVEs our research team discovered in phpBB","https://pentest-tools.com/vulnerabilities-exploits/phpbb-authentication-bypass_29369",[63],"/vulnerabilities-exploits","See the details",{"title":66,"slug":67,"text":68,"link":45,"external":29,"targets":69,"cta":70,"variant":33,"campaign_id":43},"phpBB authentication bypass - CVE page","phpbb-authentication-bypass-cve","See how our research team discovered these 2 new CVEs in phpBB",[63],"Read the research",{"title":72,"slug":73,"text":60,"link":61,"external":29,"targets":74,"cta":64,"variant":33,"campaign_id":43},"phpBB authentication bypass - Sniper","phpbb-authentication-bypass-sniper",[75],"/exploit-helpers/sniper",{"id":77,"detectable_with":78,"vuln_details":85,"vuln_id":102,"name":103,"published":104,"updated":86},29353,{"tool":79,"engine":82},{"id":80,"name":81},1,"Network Scanner",{"id":83,"name":84},2,"Nuclei",{"id":77,"codename":86,"description":86,"severity":87,"risk_description":88,"public_description":89,"public_recommendation":90,"recommendation":86,"references":91,"cvssv3":95,"epss_score":96,"epss_percentile":97,"cve":98,"in_cisa_catalog":100,"date":101,"software_type":86,"vendor":86,"product":86,"ptt_exploit_capabilities":86},null,"critical","The risk exists that a remote unauthenticated attacker could exploit this vulnerability to read sensitive information from arbitrary files located on the file system of the server.","Windmill \u003C 1.603.3 contains a path traversal caused by unsanitized filename parameter in get_log_file endpoint, letting unauthenticated attackers read arbitrary files on the server, exploit requires no authentication.","Update to version 1.603.3 or later.",[92,93,94],"https://github.com/Chocapikk/Windfall","https://chocapikk.com/posts/2026/windfall-nextcloud-flow-windmill-rce/","https://nvd.nist.gov/vuln/detail/CVE-2026-29059",10,0.23305,0.96067,[99],"CVE-2026-29059",false,"2026-03-06T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2026-29059","Windmill/Nextcloud Flow \u003C 1.603.3 - Unauthenticated Path Traversal","2026-06-03T00:00:00Z"]