3 matches found
CVE-2026-40893
Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, Gotenberg only checks if the tag is exactly FileName, so System:FileName slips right through and ExifTool happily renames the file. This allows remote attackers to move, rename, and change permissions for arbitrary files...
WordPress plugin Parkivia 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
statics-server cross-site scripting vulnerability
statics-server is a static file server. A cross-site scripting vulnerability exists in statics-server 0.0.9 and earlier versions. A remote attacker can exploit this vulnerability by injecting an iframe into a file name to execute arbitrary JavaScript code...