CVE-2026-7638

The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to and including 5.6.0. This is due to missing authorization validation in the uploadavatar function, which accepts an attacker-controlled...

CVE-2026-7638 App Builder <= 5.5.10 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Avatar Modification via 'user_id' Parameter

The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to and including 5.6.0. This is due to missing authorization validation in the uploadavatar function, which accepts an attacker-controlled...

CVE-2026-7638

The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to and including 5.6.0. This is due to missing authorization validation in the uploadavatar function, which accepts an attacker-controlled...

CVE-2026-30942

Flare is a Next.js-based, self-hostable file sharing platform that integrates with screenshot tools. Prior to 1.7.3, an authenticated path traversal vulnerability in /api/avatars/filename allows any logged-in user to read arbitrary files from within the application container. The filename URL...

CVE-2026-30942

Flare is a Next.js-based, self-hostable file sharing platform that integrates with screenshot tools. Prior to 1.7.3, an authenticated path traversal vulnerability in /api/avatars/filename allows any logged-in user to read arbitrary files from within the application container. The filename URL...

CVE-2025-41085

Stored Cross-Site Scripting XSS vulnerability type in Apidog in the version 2.7.15, where SVG image uploads are not properly sanitized. This allows attackers to embed malicious scripts in SVG files by sending a POST request to '/api/v1/user-avatar', which are then stored on the server and execute...

CVE-2025-41085

Stored Cross-Site Scripting XSS vulnerability type in Apidog in the version 2.7.15, where SVG image uploads are not properly sanitized. This allows attackers to embed malicious scripts in SVG files by sending a POST request to '/api/v1/user-avatar', which are then stored on the server and execute...

CVE-2025-41085 Stored Cross-Site Scripting (XSS) in Apidog web platform

Stored Cross-Site Scripting XSS vulnerability type in Apidog in the version 2.7.15, where SVG image uploads are not properly sanitized. This allows attackers to embed malicious scripts in SVG files by sending a POST request to '/api/v1/user-avatar', which are then stored on the server and execute...

CVE-2025-41085

Summary : CVE-2025-41085 is a stored XSS in Apidog 2.7.15 due to improper sanitization of SVG uploads. An attacker can exploit by posting an SVG image to the endpoints exposed by the API (/api/v1/user-avatar), resulting in scripts being stored on the server and executed when a user accesses the c...

CVE-2025-41085

Stored Cross-Site Scripting XSS vulnerability type in Apidog in the version 2.7.15, where SVG image uploads are not properly sanitized. This allows attackers to embed malicious scripts in SVG files by sending a POST request to '/api/v1/user-avatar', which are then stored on the server and execute...

PT-2026-5898

Name of the Vulnerable Software and Affected Versions Apidog version 2.7.15 Description A stored Cross-Site Scripting XSS issue exists in Apidog version 2.7.15 due to improper sanitization of SVG image uploads. An attacker can embed malicious scripts within SVG files by sending a POST request to...

Missing Release of Resource after Effective Lifetime

Overview github.com/grafana/grafana/pkg/api/avatar is a tool for beautiful monitoring and metric analytics & dashboards for Graphite, InfluxDB & Prometheus & More. Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime via the /avatar/:hash...

Stored XSS

Overview FormCMS is a FormCMS is an open-source Content Management System designed to simplify and accelerate web development workflows for CMS projects and general web applications. It streamlines data modeling, backend development, and frontend design, making them as intuitive as filling out a...

CVE-2025-9296

A security vulnerability has been detected in Emlog Pro up to 2.5.18. This affects an unknown function of the file /admin/blogger.php?action=updateavatar. Such manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...

VulnCheck KEV: CVE-2022-25488

Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php...

CVE-2024-56828

File Upload vulnerability in ChestnutCMS through 1.5.0. Based on the code analysis, it was determined that the /api/member/avatar API endpoint receives a base64 string as input. This string is then passed to the memberService.uploadAvatarByBase64 method for processing. Within the service, the...

PT-2024-36435 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: Kashipara E-Learning Management System version 1.0 Description: The issue is related to Remote Code Execution via File Upload in the /teacher avatar.php endpoint. This allows for the execution of remote code through the upload of files...

ROS-20230616-06

Nextcloud Mail application vulnerability is related to insufficient validation of user-entered data in the Mail app on the avatar endpoint. data in the Mail application on the avatar endpoint. Exploitation of the vulnerability could allow an attacker, acting remotely to access sensitive data...

CVE-2023-33184 Blind SSRF in the Nextcloud Mail app on avatar endpoint

Nextcloud Mail is a mail app in Nextcloud. A blind SSRF attack allowed to send GET requests to services running in the same web server. It is recommended that the Mail app is update to version 3.02, 2.2.5 or 1.15.3...

CVE-2022-25488

Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in /admin/ajax/avatar.php...