478 matches found
CVE-2026-45626
Arcane is an interface for managing Docker containers, images, networks, and volumes. In 1.18.1 and earlier, GET /environments/id/volumes/volumeName/browse accepts a path query parameter that is passed to a shell command sh -c "find … | while …" inside an Arcane helper container. The path sanitis...
CVE-2026-45626
Arcane is an interface for managing Docker containers, images, networks, and volumes. In 1.18.1 and earlier, GET /environments/id/volumes/volumeName/browse accepts a path query parameter that is passed to a shell command sh -c "find … | while …" inside an Arcane helper container. The path sanitis...
CVE-2026-45626
Arcane is an interface for managing Docker containers, images, networks, and volumes. In 1.18.1 and earlier, GET /environments/id/volumes/volumeName/browse accepts a path query parameter that is passed to a shell command sh -c "find … | while …" inside an Arcane helper container. The path sanitis...
EUVD-2026-33372
Arcane is an interface for managing Docker containers, images, networks, and volumes. In 1.18.1 and earlier, GET /environments/id/volumes/volumeName/browse accepts a path query parameter that is passed to a shell command sh -c "find … | while …" inside an Arcane helper container. The path sanitis...
CVE-2026-45626 Arcane: OS Command Injection in Volume Browser ListDirectory via path query parameter
Arcane is an interface for managing Docker containers, images, networks, and volumes. In 1.18.1 and earlier, GET /environments/id/volumes/volumeName/browse accepts a path query parameter that is passed to a shell command sh -c "find … | while …" inside an Arcane helper container. The path sanitis...
arcane 操作系统命令注入漏洞
Arcane is an open-source Docker management software developed by Arcane. Versions of Arcane 1.18.1 and earlier contain a vulnerability related to operating system command injection. This vulnerability stems from the path cleaner in the GET /environments/id/volumes/volumeName/browse endpoint not...
Arcane Backend: OS Command Injection in Volume Browser ListDirectory via path query parameter
Summary GET /environments/id/volumes/volumeName/browse accepts a path query parameter that is passed to a shell command sh -c "find … | while …" inside an Arcane helper container. The path sanitiser blocks ../ traversal but does not strip Bourne-shell metacharacters such as $ or backticks, and...
GHSA-9MVM-4GWG-V8MP Arcane Backend: OS Command Injection in Volume Browser ListDirectory via path query parameter
Summary GET /environments/id/volumes/volumeName/browse accepts a path query parameter that is passed to a shell command sh -c "find … | while …" inside an Arcane helper container. The path sanitiser blocks ../ traversal but does not strip Bourne-shell metacharacters such as $ or backticks, and...
PT-2026-41693
Name of the Vulnerable Software and Affected Versions Arcane versions 1.18.1 and earlier Description An issue exists where the endpoint "GET /environments/id/volumes/volumeName/browse" accepts a path query parameter that is passed to a shell command sh -c "find … | while …" inside a helper...
CVE-2021-47955
CouchCMS 2.2.1 contains a cross-site scripting vulnerability that allows authenticated attackers to execute arbitrary JavaScript by uploading malicious SVG files through the file upload functionality. Attackers can upload SVG files containing embedded script tags to the browse.php endpoint, which...
CVE-2021-47955
CouchCMS 2.2.1 contains a cross-site scripting vulnerability that allows authenticated attackers to execute arbitrary JavaScript by uploading malicious SVG files through the file upload functionality. Attackers can upload SVG files containing embedded script tags to the browse.php endpoint, which...
CVE-2021-47955 CouchCMS 2.2.1 Cross-Site Scripting via SVG File Upload
CouchCMS 2.2.1 contains a cross-site scripting vulnerability that allows authenticated attackers to execute arbitrary JavaScript by uploading malicious SVG files through the file upload functionality. Attackers can upload SVG files containing embedded script tags to the browse.php endpoint, which...
CVE-2021-47955
CVE-2021-47955 affects CouchCMS 2.2.1 and describes a cross-site scripting vulnerability via SVG file uploads. An authenticated attacker can upload SVG files containing embedded script tags through the file upload functionality, which are then executed in other users’ browsers when the files are ...
EUVD-2021-34823
CouchCMS 2.2.1 contains a cross-site scripting vulnerability that allows authenticated attackers to execute arbitrary JavaScript by uploading malicious SVG files through the file upload functionality. Attackers can upload SVG files containing embedded script tags to the browse.php endpoint, which...
PT-2026-41452
Name of the Vulnerable Software and Affected Versions CouchCMS version 2.2.1 Description Authenticated attackers can execute arbitrary JavaScript by uploading malicious SVG files through the file upload functionality. This occurs when SVG files containing embedded script tags are uploaded to the...
EUVD-2021-34813
CouchCMS 2.2.1 contains a server-side request forgery vulnerability that allows authenticated attackers to make arbitrary HTTP requests by uploading malicious SVG files. Attackers can upload SVG files containing external entity references through the browse.php endpoint to access internal service...
PT-2026-41339
CouchCMS 2.2.1 contains a server-side request forgery vulnerability that allows authenticated attackers to make arbitrary HTTP requests by uploading malicious SVG files. Attackers can upload SVG files containing external entity references through the browse.php endpoint to access internal service...
CVE-2026-7308 Nexus Repository 3 - Stored Cross-Site Scripting (XSS) via HTML Browse Page
An authenticated user with upload permission to a hosted repository can store content that causes arbitrary JavaScript to execute in the browser of any user who browses that repository directory via the HTML index page in Sonatype Nexus Repository versions 3.6.0 through versions before 3.92.0. Th...
CVE-2026-7308
CVE-2026-7308 (Nexus Repository) : An authenticated user with upload permissions can store content that triggers arbitrary JavaScript in the browser of any user visiting the repository HTML index page, via Nexus Repository versions 3.6.0–3.91.x (3.92.0 fixes this). The attack is a stored XSS on t...
Wireshark Analyzer 4.6.5
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. Thi...