[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":56,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":63,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":69,"vulnerability-29373":76},[4,15,21,37,45,51],{"title":5,"slug":6,"text":7,"link":8,"external":9,"targets":10,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 - CVE Page","nginx-rift-cve-page","🚨 New: FREE SCANNER for NGINX Rift (CVE-2026-42945). No account needed.","https://pentest-tools.com/network-vulnerability-scanning/cve-2026-42945-scanner-nginx-rift",true,[11],"/vulnerabilities-exploits/nginx-heap-buffer-overflow_29311","Scan for free","secondary","nginx-rift",{"title":16,"slug":17,"text":18,"link":8,"external":9,"targets":19,"cta":12,"variant":13,"campaign_id":14},"NGINX Rift free scanner - CVE-2026-42945 -blog","nginx-rift-blog","🚨 New: free scanner for NGINX Rift (CVE-2026-42945). Check your targets now.",[20],"/blog",{"title":22,"slug":23,"text":24,"link":25,"external":9,"targets":26,"cta":36,"variant":13,"campaign_id":23},"phpBB authentication bypass - PW Banners - research focused","phpbb-authentication-bypass","New research: phpBB authentication bypass discovered by Pentest-Tools.com","https://pentest-tools.com/research/phpbb-authentication-bypass",[27,28,29,30,31,32,33,34,35],"/","/network-vulnerability-scanning/port-scanner-online-nmap","/website-vulnerability-scanning/website-scanner","/information-gathering/find-subdomains-of-domain","/website-vulnerability-scanning/discover-hidden-directories-and-files","/features/attack-surface","/features/internal-network-scanning","/features/vulnerability-monitoring","/features/pentest-reporting","Discover the CVEs",{"title":38,"slug":39,"text":40,"link":41,"external":9,"targets":42,"cta":44,"variant":13,"campaign_id":23},"phpBB authentication bypass - VulnDB homepage","phpbb-authentication-bypass-vulndb","Detect 2 new CVEs our research team discovered in phpBB","https://pentest-tools.com/vulnerabilities-exploits/phpbb-authentication-bypass_29369",[43],"/vulnerabilities-exploits","See the details",{"title":46,"slug":47,"text":48,"link":25,"external":9,"targets":49,"cta":50,"variant":13,"campaign_id":23},"phpBB authentication bypass - CVE page","phpbb-authentication-bypass-cve","See how our research team discovered these 2 new CVEs in phpBB",[43],"Read the research",{"title":52,"slug":53,"text":40,"link":41,"external":9,"targets":54,"cta":44,"variant":13,"campaign_id":23},"phpBB authentication bypass - Sniper","phpbb-authentication-bypass-sniper",[55],"/exploit-helpers/sniper",["Island",57],{"key":58,"params":59,"result":61},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":60},"{}",{"head":62},{},["Island",64],{"key":65,"params":66,"result":67},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":60},{"head":68},{},["Island",70],{"key":71,"params":72,"result":74},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":73},"{\"text-color\":\"gray\"}",{"head":75},{},{"id":77,"detectable_with":78,"vuln_details":85,"vuln_id":103,"name":104,"published":105,"updated":86},29373,{"tool":79,"engine":82},{"id":80,"name":81},1,"Network Scanner",{"id":83,"name":84},2,"Nuclei",{"id":77,"codename":86,"description":86,"severity":87,"risk_description":88,"public_description":89,"public_recommendation":90,"recommendation":86,"references":91,"cvssv3":96,"epss_score":97,"epss_percentile":98,"cve":99,"in_cisa_catalog":101,"date":102,"software_type":86,"vendor":86,"product":86,"ptt_exploit_capabilities":86},null,"high","This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.","The ARMember Premium plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the 'arm_directory_paging_action' AJAX action in all versions up to, and including, 7.3.1. This is due to insufficient escaping on the user-supplied 'order' and 'orderby' parameters and the lack of sufficient preparation on the existing SQL query in the `arm_get_directory_members()` function.","Update ARMember Premium to version 7.3.2 or later.",[92,93,94,95],"https://patchstack.com/database/wordpress/plugin/armember/vulnerability/wordpress-armember-premium-membership-plugin-content-restriction-member-levels-user-profile-user-signup-plugin-7-3-1-unauthenticated-sql-injection-vulnerability","https://www.wordfence.com/threat-intel/vulnerabilities/id/b5f6d2a2-ad3e-4afc-b6fd-745881d85b6b","https://nvd.nist.gov/vuln/detail/CVE-2026-5073","https://codecanyon.net/item/armember-complete-wordpress-membership-system/17785056",7.5,0.00084,0.24546,[100],"CVE-2026-5073",false,"2026-06-02T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2026-5073","WordPress ARMember Premium \u003C= 7.3.1 - Unauthenticated SQL Injection","2026-06-09T00:00:00Z"]