Lucene search
K

10 matches found

CVE
CVE
added yesterday5 views

CVE-2026-57584

Phalcon (PHP framework) is affected by a ReDoS in the default MVC router. Prior to 5.15.0, the built‑in router registers a route whose PCRE pattern contains a nested quantifier, and Phalcon\Mvc\Router::handle() matches this against the request URI on every request. A crafted path (e.g., repeated ...

8.7CVSS6.1AI score
Exploits0References4
CVE
CVE
added yesterday4 views

CVE-2026-54736

Technical details (affected versions, root cause specifics, and remediation beyond what is in the Initial Description) are not publicly available in the provided documents; monitor for updates.

8.2CVSS6.1AI score
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-15029

Malware in sbrugna...

6.1CVSS6.3AI score0.00977EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2019/02/14 12:0 a.m.164 views

Invo PhalconPHP 1.x Database Configuration Disclosure

Exploit Title : Unvo PhalconPHP 1.x Database Config Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 14/02/2019 Vendor Homepage : phalconphp.com Software Download Link : github.com/phalcon/invo/archive/master.zip Software Information Link :...

7.4AI score
Exploits0
CNVD
CNVD
added 2017/02/13 12:0 a.m.3 views

Phalcon Eye Arbitrary Code Execution Vulnerability

Phalcon is an extension implemented in C. Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tools provide features such as service provisioning, configuration management, and reporting status. An arbitrary code execution vulnerability exists in Phalcon Ey...

6.1CVSS6.9AI score0.00977EPSS
Exploits1References1
OSV
OSV
added 2017/02/12 4:59 a.m.14 views

CVE-2017-5960

An issue was discovered in Phalcon Eye through 0.4.1. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the "phalconeye-master/public/external/pydio/plugins/editor.webodf/frame.php" URL. An attacker could execute arbitrary HTML...

6.1CVSS7.1AI score
Exploits0References2
NVD
NVD
added 2017/02/12 4:59 a.m.12 views

CVE-2017-5960

An issue was discovered in Phalcon Eye through 0.4.1. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the "phalconeye-master/public/external/pydio/plugins/editor.webodf/frame.php" URL. An attacker could execute arbitrary HTML...

6.1CVSS6.4AI score0.00977EPSS
Exploits1References2
Prion
Prion
added 2017/02/12 4:59 a.m.12 views

Authorization

An issue was discovered in Phalcon Eye through 0.4.1. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the "phalconeye-master/public/external/pydio/plugins/editor.webodf/frame.php" URL. An attacker could execute arbitrary HTML...

4.3CVSS6.4AI score0.00977EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2017/02/12 4:43 a.m.21 views

CVE-2017-5960

An issue was discovered in Phalcon Eye through 0.4.1. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the "phalconeye-master/public/external/pydio/plugins/editor.webodf/frame.php" URL. An attacker could execute arbitrary HTML...

6.5AI score0.00977EPSS
Exploits1References2
CVE
CVE
added 2017/02/12 4:43 a.m.55 views

CVE-2017-5960

CVE-2017-5960 affects Phalcon Eye up to version 0.4.1. The issue stems from insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to phalconeye-master/public/external/pydio/plugins/editor.webodf/frame.php, enabling an attacker to cause the browser to execute arbitra...

6.1CVSS6.4AI score0.00977EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder