Lucene search
+L

99 matches found

Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-57996 phpMyFAQ - Privilege Escalation via Missing SuperAdmin Guard in user/add Endpoint

phpMyFAQ before 4.1.5 contains a privilege escalation vulnerability in the user/add API endpoint that allows non-SuperAdmin administrators to create SuperAdmin accounts. A delegated administrator with USERADD/EDIT/DELETE permissions can call POST /admin/api/user/add with isSuperAdmin: true and...

8.8CVSS0.00246EPSS
Exploits0References2
CVE
CVE
added 3 days ago6 views

CVE-2026-57996

phpMyFAQ prior to 4.1.5 contains a privilege-escalation flaw in the admin/user-add endpoint. A delegated administrator with USER_ADD/EDIT/DELETE can call POST /admin/api/user/add using isSuperAdmin: true and attacker-chosen credentials to create a SuperAdmin account, enabling full instance takeov...

8.8CVSS6.1AI score0.00246EPSS
Exploits0References2
OSV
OSV
added 3 days ago4 views

CVE-2026-57996 phpMyFAQ - Privilege Escalation via Missing SuperAdmin Guard in user/add Endpoint

phpMyFAQ before 4.1.5 contains a privilege escalation vulnerability in the user/add API endpoint that allows non-SuperAdmin administrators to create SuperAdmin accounts. A delegated administrator with USERADD/EDIT/DELETE permissions can call POST /admin/api/user/add with isSuperAdmin: true and...

8.7CVSS6.1AI score0.00246EPSS
Exploits0References4
NVD
NVD
added 2026/07/10 9:17 p.m.5 views

CVE-2026-58499

EverOS is a memory runtime for agents. Prior to 1.0.1, EverOS is vulnerable to path traversal in the POST /api/v1/memory/add ingestion endpoint because the per-message senderid field was not validated as a path-safe identifier, unlike appid and projectid. During user-memory extraction, senderid i...

8.2CVSS0.00356EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/10 8:53 p.m.32 views

CVE-2026-58499 Path traversal in EverOS /api/v1/memory/add via unvalidated sender_id

EverOS is a memory runtime for agents. Prior to 1.0.1, EverOS is vulnerable to path traversal in the POST /api/v1/memory/add ingestion endpoint because the per-message senderid field was not validated as a path-safe identifier, unlike appid and projectid. During user-memory extraction, senderid i...

8.2CVSS0.00356EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 11:19 a.m.5 views

CVE-2026-53691

An Unrestricted File Upload vulnerability in Redeight CMS version 1.0 allows authenticated attackers to achieve Remote Code Execution via the POST "/admin/index.php?module=pages&mode=FileAdd" endpoint. The application fails to validate file extensions and MIME types, permitting the upload of...

9.3CVSS6.1AI score0.00488EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/06/19 9:43 p.m.8 views

Directory Traversal

Overview everos is an EverOS — local-first markdown memory framework for AI agents and user chats; lightweight, dev-friendly, small-team Affected versions of this package are vulnerable to Directory Traversal via the senderid field in the POST /api/v1/memory/add endpoint. An attacker can create o...

8.8CVSS6.5AI score0.00356EPSS
Exploits0References2
CVE
CVE
added 2026/06/11 7:31 a.m.30 views

CVE-2026-53901

CVE-2026-53901 affects Cerebrate, before v1.37, where the generic CRUD add path allowed mass assignment of attacker-controlled identifiers. The add() handler attempted to strip an id from $params prior to __massageInput() normalization, but a supplied id could still be present in the normalized i...

8.7CVSS5.5AI score0.00312EPSS
Exploits0References1
OSV
OSV
added 2026/06/11 7:31 a.m.3 views

CVE-2026-53901 Cerebrate before v1.37 allows mass assignment of record identifiers during object creation

Cerebrate before version 1.37 contains a mass-assignment vulnerability in the generic CRUD add path. The add handler attempted to remove an attacker-supplied id from $params before normalizing the request through massageInput. Because the normalized $input could still contain an id field, a user...

8.7CVSS5.9AI score0.00312EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.16 views

CVE-2026-36767

A path traversal vulnerability in the /content/images/add endpoint of shopizer v3.2.5 allows attackers write arbitrary files to any writeable path via a crafted POST request...

10CVSS5.6AI score0.00412EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.12 views

CVE-2026-44826

Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.2, Vvveb CMS does not validate the sign of the quantity parameter on the cart-add endpoint. Submitting a negative integer is accepted by the server and treated as a normal positi...

7.5CVSS5.5AI score0.00213EPSS
Exploits0References1
NVD
NVD
added 2026/05/15 7:17 p.m.19 views

CVE-2026-44826

Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.2, Vvveb CMS does not validate the sign of the quantity parameter on the cart-add endpoint. Submitting a negative integer is accepted by the server and treated as a normal positi...

7.5CVSS0.00213EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/15 6:37 p.m.43 views

CVE-2026-44826 Vvveb: Vvveb CMS — Negative-quantity cart manipulation allows creation of orders with negative grand totals

Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.2, Vvveb CMS does not validate the sign of the quantity parameter on the cart-add endpoint. Submitting a negative integer is accepted by the server and treated as a normal positi...

7.5CVSS0.00213EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/15 6:37 p.m.14 views

EUVD-2026-30580

Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.2, Vvveb CMS does not validate the sign of the quantity parameter on the cart-add endpoint. Submitting a negative integer is accepted by the server and treated as a normal positi...

7.5CVSS5.8AI score0.00213EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/11 6:31 p.m.12 views

EUVD-2026-29117

HireFlow v1.2 is vulnerable to Cross Site Scripting XSS in candidatedetail.html via the Resume or Feedback Comment fields via POST /candidates/add or POST /feedback/add...

5.4CVSS5.8AI score0.00208EPSS
Exploits1References4
NVD
NVD
added 2026/05/09 8:16 p.m.20 views

CVE-2026-42601

ArchiveBox is an open source self-hosted web archiving system. In versions 0.8.6rc0 and prior, the /add/ endpoint AddView in core/views.py accepts a config JSON field that gets merged into the crawl config without validation. This config is exported as environment variables when archive plugins...

9.8CVSS0.00404EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/09 7:29 p.m.6 views

CVE-2026-42601

ArchiveBox is an open source self-hosted web archiving system. In versions 0.8.6rc0 and prior, the /add/ endpoint AddView in core/views.py accepts a config JSON field that gets merged into the crawl config without validation. This config is exported as environment variables when archive plugins...

9.3CVSS5.9AI score0.00404EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/05/09 7:29 p.m.10 views

EUVD-2026-28935

ArchiveBox is an open source self-hosted web archiving system. In versions 0.8.6rc0 and prior, the /add/ endpoint AddView in core/views.py accepts a config JSON field that gets merged into the crawl config without validation. This config is exported as environment variables when archive plugins...

9.3CVSS5.9AI score0.00404EPSS
Exploits1References1
CVE
CVE
added 2026/05/09 7:29 p.m.31 views

CVE-2026-42601

ArchiveBox CVE-2026-42601 affects ArchiveBox ≤ 0.8.6rc0. The /add/ endpoint (AddView in core/views.py) accepts a config JSON that is merged into the crawl config without validation, and this config is exported as environment variables for archive plugins, enabling injection of arbitrary tool argu...

9.8CVSS5.9AI score0.00404EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2026/05/09 12:0 a.m.13 views

ArchiveBox 参数注入漏洞

ArchiveBox is a powerful, open-source, and self-hosted internet archiving solution developed by ArchiveBox. It is designed for collecting, storing, and viewing websites that you want to save offline. ArchiveBox versions 0.8.6rc0 and earlier have a parameter injection vulnerability. This...

9.8CVSS6.3AI score0.00404EPSS
Exploits1References1
Rows per page
Query Builder