CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4428 matches found

CVE-2026-48946

The K2 frontend article-attachment upload path accepts files whose extension is .php, and Apache's standard modphp matches .php$ and executes them under the K2 web user. A K2 Author can upload a shell.php, then fetch /media/k2/attachments/shell.php and execute arbitrary PHP code in the web...

6.3CVSS0.00167EPSS

Exploits0References1

NVD•added 5 days ago•5 views

CVE-2026-48941

The K2 frontend item.checkin task accepts an unauthenticated sigProFolder query parameter and uses it directly to address a JFolder::delete call under /media/k2/galleries/...

6.5CVSS0.00159EPSS

Exploits0References1

AlpineLinux•added 5 days ago•6 views

CVE-2026-48941

The K2 frontend item.checkin task accepts an unauthenticated sigProFolder query parameter and uses it directly to address a JFolder::delete call under /media/k2/galleries/...

6.5CVSS5.8AI score0.00159EPSS

Exploits0References1

EUVD•added 5 days ago•5 views

EUVD-2026-39442

6.3CVSS6.1AI score0.00167EPSS

Exploits0References1

ATTACKERKB•added 5 days ago•4 views

CVE-2026-48944

The K2 frontend article-save handler accepts an attachmentNexisting POST field that is concatenated with JPATHSITE/ and passed to JFile::copy. JPath::clean does NOT strip .., and there is no allow-list of source paths. An Author can therefore copy configuration.php or any other file readable by t...

6.5CVSS5.9AI score0.00295EPSS

Exploits0References2Affected Software1

EUVD•added 5 days ago•6 views

EUVD-2026-39220

In the Linux kernel, the following vulnerability has been resolved: netfilter: synproxy: add mutex to guard hook reference counting As the synproxy infrastructure register netfilter hooks on-demand when a user adds the first iptables target or nftables expression, if done concurrently they can ra...

5.7AI score0.00172EPSS

Exploits0References8

CVE•added 6 days ago•25 views

CVE-2026-53943

The CVE-2026-53943 entry describes a Ghost CMS vulnerability where, on sites behind a shared caching layer, an unauthenticated user can send an x-ghost-preview header that poisons cached responses, altering rendered frontend output. In affected configurations, this cached, request-specific previe...

9.6CVSS5.9AI score0.00244EPSS

Exploits0References1

NVD•added 6 days ago•8 views

CVE-2026-56237

Capgo before 12.128.2 contains a broken authentication vulnerability in its API key generation mechanism. API keys are exposed in frontend requests, and the backend fails to validate that keys are securely generated and bound to the authenticated user. An attacker can tamper with the API key...

9.3CVSS0.00293EPSS

Exploits0References2

Cvelist•added 6 days ago•31 views

CVE-2026-56237 Capgo - Unauthenticated API Key Generation via Client-Side Parameter Manipulation

9.3CVSS0.00293EPSS

Exploits0References2

NVD•added 2026/06/23 7:16 a.m.•11 views

CVE-2026-8379

The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly enforce its nonce check on the file download handler, allowing unauthenticated attackers to download files uploaded by any user through the Frontend File Manager Plugin WordPress plugin through 23.6 by iterating...

7.5CVSS0.0024EPSS

Exploits0References1

NVD•added 2026/06/23 7:16 a.m.•10 views

CVE-2026-8378

The Frontend File Manager Plugin WordPress plugin through 23.6 does not sanitise nor escape a filename submitted to the frontend file-rename endpoint before storing it as post meta and rendering it back on the admin File Manager listing, leading to a Stored Cross-Site Scripting vulnerability...

5.4CVSS0.00133EPSS

Exploits0References1

CVE•added 2026/06/23 6:0 a.m.•9 views

CVE-2026-8378

CVE-2026-8378 affects the WordPress plugin “Frontend File Manager” up to version 23.6. The vulnerability is a Stored Cross-Site Scripting (XSS) in the frontend file-rename endpoint: the plugin does not sanitize or escape the submitted filename before storing it as post meta and re-rendering it in...

5.4CVSS5.9AI score0.00133EPSS

Exploits0References1

EUVD•added 2026/06/23 6:0 a.m.•6 views

EUVD-2026-38420

7.5CVSS5.9AI score0.0024EPSS

Exploits0References1

Cvelist•added 2026/06/23 6:0 a.m.•38 views

CVE-2026-8378 Frontend File Manager Plugin <= 23.6 - Subscriber+ Stored Cross-Site Scripting via File Rename

0.00133EPSS

Exploits0References1

ATTACKERKB•added 2026/06/23 6:0 a.m.•7 views

CVE-2026-8379

5.9AI score0.0024EPSS

Exploits0References1

ATTACKERKB•added 2026/06/23 6:0 a.m.•5 views

CVE-2026-8378

5.4CVSS5.9AI score0.00133EPSS

Exploits0References1

Cvelist•added 2026/06/23 6:0 a.m.•35 views

CVE-2026-8379 Frontend File Manager Plugin <= 23.6 - Unauthenticated Arbitrary File Download

0.0024EPSS

Exploits0References1

EUVD•added 2026/06/23 6:0 a.m.•8 views

EUVD-2026-38419

5.4CVSS5.9AI score0.00133EPSS

Exploits0References1

CVE•added 2026/06/23 6:0 a.m.•12 views

CVE-2026-8379

The CVE-2026-8379 entry concerns the Frontend File Manager Plugin for WordPress (≤ 23.6). The vulnerability is a failure to properly enforce nonce verification on the file download handler, enabling unauthenticated attackers to download files uploaded by any user by iterating identifiers. The iss...

7.5CVSS5.9AI score0.0024EPSS

Exploits0References1

NVD•added 2026/06/20 4:17 p.m.•9 views

CVE-2024-58351

Flowise before 2.1.4 allows configuration to be injected into the Chainflow during execution via the overrideConfig option, supported in both the frontend web integration and the backend Prediction API. Because this feature is enabled by default with no allow-list of permitted variables and relie...

9.8CVSS0.00648EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by