23708 matches found
Suprema BioStar <2.8.2 - Local File Inclusion
Suprema BioStar before 2.8.2 Video Extension allows remote attackers can read arbitrary files from the server via local file inclusion. id: CVE-2020-15050 info: name: Suprema BioStar 2.8.2 - Local File Inclusion author: gy741 severity: high description: Suprema BioStar before 2.8.2 Video Extensio...
Lightdash version <= 0.510.3 Arbitrary File Read
packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension .csv or .png is used. id: CVE-2023-35844 info: name: Lightdash version = 0.510.3 Arbitrary File Read author: dwisiswant0...
Joomla! JCE extension < 2.9.99.5 unauthenticated RCE
Joomla JCE editor extension contains an unrestricted file upload vulnerability caused by allowing unauthenticated users to create new editor profiles, letting attackers upload and execute PHP code remotely, exploit requires no authentication. id: CVE-2026-48907 info: name: Joomla! JCE extension...
XWiki Platform Distribution Flavor Main - Cross-Site Scripting
XWiki Platform Distribution Flavor Main versions prior to 17.6.0 are vulnerable to reflected cross-site scripting XSS due to improper sanitization of user-supplied input in the extensionId parameter. An attacker can exploit this issue by injecting malicious JavaScript, which will be executed in t...
CVE-2026-58078
CVE-2026-58078 affects the Joomla extension Quix Page Builder Pro (vulnerable
CVE-2026-58078 Joomla Extension - themexpert.com - Unauthenticated SQL injection in Quix Page Builder Pro < 6.2.1
The Joomla extension Quix Page Builder Pro is vulnerable to an unauthenticated SQL injection...
EUVD-2026-44896
The Joomla extension Quix Page Builder Pro is vulnerable to an unauthenticated SQL injection...
EUVD-2025-210478
LogicalDOC Enterprise up to and for v9.1.1 is vulnerable to Local File Inclusion LFI in the OnlyOfficeEditor servlet class, allowing authenticated user to exploit path traversal flaws in the fileExt parameter, enabling unauthorized access to sensitive files outside the designated directories...
UBUNTU-CVE-2026-46569
In NTFS-3G through 2026.2.25, a heap buffer overflow exists in ntfsibcopytail, in libntfs-3g/index.c, that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered by extending a directory, e.g., by creating a file...
UBUNTU-CVE-2026-42617
In NTFS-3G through 2026.2.25, a heap buffer overflow exists in ntfsirtoib in index.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered by extending a directory, e.g., by creating a file...
CVE-2026-61457 Grav before 1.0.3 Remote Code Execution via File Upload Extension Bypass
The Grav API plugin getgrav/grav-plugin-api before 1.0.3 contains a file upload extension bypass in the API media controller. HandlesMediaUploads::validateFileExtension inspects only the final file extension via pathinfo$filename, PATHINFOEXTENSION, so a user with api.media.write permission can...
CVE-2026-61457
CVE-2026-61457 : The Grav API plugin (getgrav/grav-plugin-api) before 1.0.3 is vulnerable to a file upload extension bypass in the API media controller. The validation in HandlesMediaUploads::validateFileExtension() only checks the final extension via pathinfo($filename, PATHINFO_EXTENSION); a us...
EUVD-2026-44651
The Grav API plugin getgrav/grav-plugin-api before 1.0.3 contains a file upload extension bypass in the API media controller. HandlesMediaUploads::validateFileExtension inspects only the final file extension via pathinfo$filename, PATHINFOEXTENSION, so a user with api.media.write permission can...
EUVD-2026-44628
Open WebUI before 0.9.5 contains a stored cross-site scripting vulnerability in the OAuth authentication flow where the picture claim URL MIME type is inferred from file extension rather than Content-Type header, allowing SVG files to bypass the profile image validator and be stored as data URIs...
CVE-2026-58077
The Joomla extension 4Analytics is vulnerable to an unauthenticated stored XSS. A specially crafted unauthenticated request may result in website takeover under some circumstances...
CVE-2026-57833
The Joomla extension 4Analytics is vulnerable to an unauthenticated stored XSS in relation to the AI analysis feature...
CVE-2026-57831
The Joomla extension DP Calendar is vulnerable to an unauthenticated SQL injection...
CVE-2026-57832
The Joomla extension EDocman is vulnerable to an unauthenticated SQL injection...
CVE-2026-58077
CVE-2026-58077 affects the Joomla extension 4Analytics (weeblr.com) prior to version 5.0.2. It describes an unauthenticated stored XSS vulnerability, where a specially crafted unauthenticated request can lead to website takeover under certain conditions. The provided documents identify the vulner...
CVE-2026-58077 Joomla Extension - weeblr.com - Unauthenticated stored XSS in 4Analytics < 5.0.2
The Joomla extension 4Analytics is vulnerable to an unauthenticated stored XSS. A specially crafted unauthenticated request may result in website takeover under some circumstances...