KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization ...
IEEE

An Empirical Study on Measuring the Impact of Code Smells on Web Applications

Abstract: Code smells are a surface symptom that generally indicates a more serious problem in the software system therefore it is kind of hard to detect them manually so many automated tools are ...