systemtek.co.uk
Resources curated from this publisher and indexed across appsec.fyi topic pages. Last item added: 2026-06-04.
| Date Added | Resource | Excerpt |
|---|---|---|
| 2026-06-04 2026 | Cisco Webex Meetings Cross-Site Scripting Vulnerability (CVE-2026-20233)XSS | This content describes a Cross-Site Scripting (XSS) vulnerability affecting Cisco Webex Meetings, identified by CVE-2026-20233. The provided link leads to more details about this specific security issue within the Webex Meetings platform. No bounty payout amount is mentioned. |
| 2026-06-01 2026 | Exploitation of Critical SQL Injection Vulnerability in Drupal (CVE-2026-9082)SQLi | Writeup detailing the exploitation of CVE-2026-9082, a critical SQL injection vulnerability in Drupal affecting PostgreSQL databases. This unauthenticated flaw, rated 9.8 (CVSS), allows arbitrary SQL execution via crafted requests. CISA has added it to their KEV catalogue, with over 15,000 exploitation attempts detected across various sectors, primarily in the United States. Drupal recommends upgrading to the latest supported release or applying backported fixes. |
| 2026-05-11 2026 | Cisco Identity Services Engine Stored Cross-Site Scripting VulnerabilitiesXSS | Writeup on Cisco Identity Services Engine (ISE) stored cross-site scripting vulnerabilities, CVE-2025-20204 and CVE-2025-20205. These flaws stem from insufficient input validation in the web-based management interface, allowing authenticated attackers to inject malicious script code. Exploitation enables arbitrary script execution within the interface context or access to sensitive browser data, requiring administrative credentials. Cisco has released updates to address these issues. |
| 2026-05-07 2026 | Critical severity vulnerability affecting CPython (CVE-2026-6100)Python | Writeup of CVE-2026-6100, a critical use-after-free vulnerability in CPython affecting `lzma.LZMADecompressor`, `bz2.BZ2Decompressor`, and `gzip.GzipFile`. The vulnerability arises when decompressor instances are reused after a `MemoryError` during decompression, leading to a dangling pointer. Standard one-shot decompression functions like `lzma.decompress()` are unaffected. |
| 2026-01-16 2026 | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability (CVE-2026-20076)XSS | Writeup of CVE-2026-20076, a stored cross-site scripting vulnerability in Cisco Identity Services Engine's web-based management interface. Exploitation requires administrative credentials and involves injecting malicious code into specific pages, allowing script execution or access to sensitive browser-based information. Cisco has released software updates to address this issue. |