Browse all 16 CVE security advisories affecting haxtheweb. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Haxtheweb primarily develops web applications and APIs for enterprise clients, with a core focus on custom business solutions. Historically, the organization has been associated with multiple remote code execution, cross-site scripting, and privilege escalation vulnerabilities across its products. Security assessments reveal consistent flaws in input validation and authentication mechanisms. While no major public breaches have been directly attributed to haxtheweb, its cumulative 16 CVEs indicate systemic security weaknesses in development practices. The organization's codebase frequently demonstrates inadequate sanitization of user inputs and misconfigured access controls, creating persistent exposure vectors for attackers.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-35185 | HAX CMS's public /server-status endpoint exposes authentication tokens, user activity, and client IP addresses — HAXiamCWE-284 | 7.5AI | HighAI | 2026-04-06 |
This page lists every published CVE security advisory associated with haxtheweb. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.