Tag
high
advisory
liangliangyy DjangoBlog Hardcoded Cryptographic Key Vulnerability (CVE-2026-6580)
2 rules 1 CVECVE-2026-6580 describes a vulnerability in liangliangyy DjangoBlog up to version 2.1.0.0 where manipulation of the 'key' argument in the Amap API Call Handler leads to the use of a hard-coded cryptographic key, enabling remote exploitation.
cve-2026-6580
djangoblog
hardcoded-key
web-application
2r
1c
critical
advisory
liangliangyy DjangoBlog Authentication Bypass Vulnerability (CVE-2026-6577)
2 rules 1 TTP 1 CVEA critical authentication bypass vulnerability in liangliangyy DjangoBlog up to version 2.1.0.0 (CVE-2026-6577) allows remote attackers to inject arbitrary GPS data without authentication via the logtracks endpoint, potentially leading to data manipulation and unauthorized access.
cve-2026-6577
djangoblog
authentication-bypass
gps-injection
web-application
2r
1t
1c