Fortinet FortiWeb flaw with public PoC exploited to create admin users

A Fortinet FortiWeb path traversal vulnerability is being actively exploited to create new administrative users on exposed ...
ZDNet

NordVPN HTTP POST bug exposed customer information, no authentication required

NordVPN has plugged a hole in the company's payment platform which leaked sensitive customer data. As reported by The Register, the vulnerability was made public on HackerOne in February, a bug bounty ...