webverse 5

• Command Injection via Filename Parameter Leading to Remote Code Execution | Quotin May 14, 2026
• IDOR in Order Access – Unauthorized Order Data Exposure | Hartwood May 11, 2026
• IDOR – Unauthorized Access to Borrower Records | Overdue May 1, 2026
• Local File Inclusion – Arbitrary File Read Leading to Flag Disclosure | Corridor May 1, 2026
• SQL Injection – Full Database Extraction via Search Function | Flower Apr 30, 2026