119 matches found
Cockpit CMS 0.6.1 - Remote Code Execution
Cockpit before 0.6.1 allows an attacker to inject custom PHP code and achieve Remote Command Execution via registerCriteriaFunction in lib/MongoLite/Database.php, as demonstrated by values in JSON data to the /auth/check or /auth/requestreset URI. id: CVE-2020-35131 info: name: Cockpit CMS 0.6.1 ...
CVE-2026-57856
Cockpit CMS contains a path traversal vulnerability in the Bucket file storage API /system/buckets/api. The api method in modules/System/Controller/Buckets.php sanitizes the bucket name with pregreplace'/^a-zA-Z0-9-\./','', $bucket, which permits '..' and '../' sequences. The sanitized value is...
CVE-2026-57855
Cockpit CMS contains a missing authorization vulnerability in the Bucket file storage API /system/buckets/api. The api method in modules/System/Controller/Buckets.php executes bucket commands ls, upload, removefiles, rename, createfolder without performing any ACL or role check. Any authenticated...
CVE-2026-57856 Cockpit CMS Path Traversal via Bucket Name in Bucket File Storage API
Cockpit CMS contains a path traversal vulnerability in the Bucket file storage API /system/buckets/api. The api method in modules/System/Controller/Buckets.php sanitizes the bucket name with pregreplace'/^a-zA-Z0-9-\./','', $bucket, which permits '..' and '../' sequences. The sanitized value is...
CVE-2026-57856
Cockpit CMS exposes a path traversal in the Bucket file storage API (/system/buckets/api). The api() function sanitizes the bucket name with a regex that still allows ".." and "../" sequences, which are then interpolated into uploads://buckets/{bucket} and not blocked by Flysystem’s WhitespacePat...
CVE-2026-57856 Cockpit CMS Path Traversal via Bucket Name in Bucket File Storage API
Cockpit CMS contains a path traversal vulnerability in the Bucket file storage API /system/buckets/api. The api method in modules/System/Controller/Buckets.php sanitizes the bucket name with pregreplace'/^a-zA-Z0-9-\./','', $bucket, which permits '..' and '../' sequences. The sanitized value is...
CVE-2026-57855 Cockpit CMS Missing Authorization in Bucket File Storage API
Cockpit CMS contains a missing authorization vulnerability in the Bucket file storage API /system/buckets/api. The api method in modules/System/Controller/Buckets.php executes bucket commands ls, upload, removefiles, rename, createfolder without performing any ACL or role check. Any authenticated...
CVE-2026-57855
Cockpit CMS is affected by a missing authorization vulnerability in the Bucket file storage API (/system/buckets/api). The api() method in modules/System/Controller/Buckets.php executes bucket commands (ls, upload, removefiles, rename, createfolder) without ACL or role checks, allowing any authen...
CVE-2026-57855 Cockpit CMS Missing Authorization in Bucket File Storage API
Cockpit CMS contains a missing authorization vulnerability in the Bucket file storage API /system/buckets/api. The api method in modules/System/Controller/Buckets.php executes bucket commands ls, upload, removefiles, rename, createfolder without performing any ACL or role check. Any authenticated...
Linux Distros Unpatched Vulnerability : CVE-2026-58467
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cockpit CMS before release 364 contains a path traversal and local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files or...
CVE-2026-58467
A flaw was found in Cockpit CMS. This vulnerability, a path traversal and local file inclusion, allows an unauthenticated attacker to read arbitrary files or execute PHP files. By manipulating the URL, an attacker can bypass security checks and access restricted directories. This could lead to...
CVE-2026-58467
Cockpit CMS through 2.14.0 contains a path traversal and local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files or execute PHP files by including unvalidated PATHINFO derived from REQUESTURI in filesystem path construction without containment checks...
EUVD-2026-41436
Cockpit CMS before release 364 contains a path traversal and local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files or execute PHP files by including unvalidated PATHINFO derived from REQUESTURI in filesystem path construction without containment checks...
CVE-2026-58467 Cockpit CMS 2.14.0 - Path Traversal Local File Inclusion via index.php
Cockpit CMS through 2.14.0 contains a path traversal and local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files or execute PHP files by including unvalidated PATHINFO derived from REQUESTURI in filesystem path construction without containment checks...
CVE-2026-58467
Cockpit CMS prior to release 364 is affected by a path traversal and local file inclusion vulnerability. Unauthenticated attackers can craft a request (via the URL’s PATH_INFO in REQUEST_URI) to reach arbitrary files; if the resolved path ends with .php, it may be passed to include(), enabling lo...
CVE-2026-58467
Cockpit CMS through 2.14.0 contains a path traversal and local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files or execute PHP files by including unvalidated PATHINFO derived from REQUESTURI in filesystem path construction without containment checks...
CVE-2026-58467 Cockpit CMS 2.14.0 - Path Traversal Local File Inclusion via index.php
Cockpit CMS through 2.14.0 contains a path traversal and local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files or execute PHP files by including unvalidated PATHINFO derived from REQUESTURI in filesystem path construction without containment checks...
CVE-2026-13533
A security vulnerability has been detected in agentejo Cockpit CMS up to 0.12.2. Affected by this issue is the function Spyc::YAMLLoad of the file /config/config.yaml of the component htaccess Handler. Such manipulation leads to files or directories accessible. It is possible to launch the attack...
EUVD-2026-40030
A security vulnerability has been detected in agentejo Cockpit CMS up to 0.12.2. Affected by this issue is the function Spyc::YAMLLoad of the file /config/config.yaml of the component htaccess Handler. Such manipulation leads to files or directories accessible. It is possible to launch the attack...
CVE-2026-13533 agentejo Cockpit CMS htaccess config.yaml YAMLLoad file access
A security vulnerability has been detected in agentejo Cockpit CMS up to 0.12.2. Affected by this issue is the function Spyc::YAMLLoad of the file /config/config.yaml of the component htaccess Handler. Such manipulation leads to files or directories accessible. It is possible to launch the attack...