Lucene search
K

89749 matches found

EUVD
EUVD
added 2026/05/07 3:0 a.m.9 views

EUVD-2026-28278

Admidio is an open-source user management solution. Prior to version 5.0.9, several administrative operations in Admidio's preferences module database backup, test email, htaccess generation fire via GET requests with no CSRF token validation. Because SameSite=Lax cookies travel with top-level GE...

3.5CVSS5.7AI score0.00117EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/07 3:0 a.m.7 views

CVE-2026-41663 Admidio: CSRF on Admin Preferences Triggers Unauthorized Backup, .htaccess Write, and Email Send

Admidio is an open-source user management solution. Prior to version 5.0.9, several administrative operations in Admidio's preferences module database backup, test email, htaccess generation fire via GET requests with no CSRF token validation. Because SameSite=Lax cookies travel with top-level GE...

3.5CVSS5.7AI score0.00117EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/07 3:0 a.m.35 views

CVE-2026-41663 Admidio: CSRF on Admin Preferences Triggers Unauthorized Backup, .htaccess Write, and Email Send

Admidio is an open-source user management solution. Prior to version 5.0.9, several administrative operations in Admidio's preferences module database backup, test email, htaccess generation fire via GET requests with no CSRF token validation. Because SameSite=Lax cookies travel with top-level GE...

3.5CVSS0.00117EPSS
Exploits0References2
CVE
CVE
added 2026/05/07 3:0 a.m.10 views

CVE-2026-41663

Admidio has a CSRF flaw (CVE-2026-41663) affecting versions prior to 5.0.9. The vulnerability lies in the preferences module where backup, test_email, and htaccess operations are executed via GET requests without CSRF validation, allowing exploitation via SameSite=Lax cookies to trigger actions o...

3.5CVSS5.7AI score0.00117EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/07 3:0 a.m.6 views

CVE-2026-41663

Admidio is an open-source user management solution. Prior to version 5.0.9, several administrative operations in Admidio's preferences module database backup, test email, htaccess generation fire via GET requests with no CSRF token validation. Because SameSite=Lax cookies travel with top-level GE...

3.5CVSS5.7AI score0.00117EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/07 2:58 a.m.6 views

CVE-2026-41656

Admidio is an open-source user management solution. Prior to version 5.0.9, the add mode in modules/documents-files.php accepts a name parameter validated only as 'string' type HTML encoding, allowing path traversal characters ../ to pass through unfiltered. Combined with the absence of CSRF...

4.5CVSS5.9AI score0.00362EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/07 2:20 a.m.9 views

SUSE CVE-2026-35527

Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request against project restrictions such as restricted.images.servers. The imgPostURLInfo function...

5.3CVSS5.8AI score0.00271EPSS
Exploits1References3
Snyk
Snyk
added 2026/05/07 1:15 a.m.7 views

Server-side Request Forgery (SSRF)

Overview github.com/gotenberg/gotenberg/v7/pkg/modules/chromium is a Docker-powered stateless API for PDF files. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the convertUrlRoute and screenshotUrlRoute processes. An attacker can access sensitive files...

8.2CVSS5.8AI score0.00251EPSS
Exploits1References3
Snyk
Snyk
added 2026/05/07 1:15 a.m.9 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the convertUrlRoute and screenshotUrlRoute processes. An attacker can access sensitive files belonging to other users' in-flight conversion requests by submitting specially crafted file:// URLs pointi...

8.2CVSS5.8AI score0.00251EPSS
Exploits1References3
Snyk
Snyk
added 2026/05/07 1:15 a.m.8 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the downloadFrom and webhook processes. An attacker can access internal network resources and potentially exfiltrate sensitive information or interact with internal-only services by supplying special...

9.4CVSS5.8AI score0.00352EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/07 1:15 a.m.9 views

Server-side Request Forgery (SSRF)

Overview github.com/gotenberg/gotenberg/v7/pkg/modules/chromium is a Docker-powered stateless API for PDF files. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the downloadFrom and webhook processes. An attacker can access internal network resources and...

9.4CVSS5.8AI score0.00352EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/07 1:15 a.m.8 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the downloadFrom and webhook processes. An attacker can access internal network resources and potentially exfiltrate sensitive information or interact with internal-only services by supplying special...

9.4CVSS5.8AI score0.00352EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/07 1:15 a.m.7 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the downloadFrom and webhook processes. An attacker can access internal network resources and potentially exfiltrate sensitive information or interact with internal-only services by supplying special...

9.4CVSS5.8AI score0.00352EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/07 1:15 a.m.7 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the downloadFrom and webhook processes. An attacker can access internal network resources and potentially exfiltrate sensitive information or interact with internal-only services by supplying special...

9.4CVSS5.8AI score0.00352EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/07 1:15 a.m.7 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the downloadFrom and webhook processes. An attacker can access internal network resources and potentially exfiltrate sensitive information or interact with internal-only services by supplying special...

9.4CVSS5.8AI score0.00352EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/07 1:15 a.m.12 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the downloadFrom and webhook processes. An attacker can access internal network resources and potentially exfiltrate sensitive information or interact with internal-only services by supplying special...

9.4CVSS5.8AI score0.00352EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/07 1:15 a.m.7 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the downloadFrom and webhook processes. An attacker can access internal network resources and potentially exfiltrate sensitive information or interact with internal-only services by supplying special...

9.4CVSS5.8AI score0.00352EPSS
Exploits1References2
OSV
OSV
added 2026/05/07 1:15 a.m.5 views

GHSA-4VMC-GM8V-M35H Gotenberg vulnerable to unauthenticated SSRF via default deny-list bypass in downloadFrom and webhook

Summary The default deny-lists used by Gotenberg's downloadFrom feature and webhook feature are bypassable. Because the filter is regex-based and case-sensitive, an unauthenticated attacker can supply URLs such as http://::ffff:127.0.0.1:... and reach loopback or private HTTP services that the...

9.4CVSS5.8AI score0.00352EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/05/07 12:57 a.m.9 views

Gotenberg's DNS rebinding bypasses SSRF validation on Chromium URL conversion routes

Summary FilterOutboundURL resolves the hostname, checks the resolved IPs against the private-address deny-list, and returns only the error. It discards the resolved addresses. Chromium later performs its own DNS resolution when it navigates to the URL. An attacker who controls DNS for a hostname...

5.3CVSS5.8AI score0.00186EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/05/07 12:57 a.m.5 views

GHSA-2PMR-289P-44R3 Gotenberg's DNS rebinding bypasses SSRF validation on Chromium URL conversion routes

Summary FilterOutboundURL resolves the hostname, checks the resolved IPs against the private-address deny-list, and returns only the error. It discards the resolved addresses. Chromium later performs its own DNS resolution when it navigates to the URL. An attacker who controls DNS for a hostname...

5.3CVSS5.8AI score0.00186EPSS
Exploits1References3
Rows per page
Query Builder