4441 matches found
OliveTin's unsafe parsing of UniqueTrackingId can be used to write files
When the saveLogs feature is enabled, OliveTin persists execution log entries to disk. The filename used for these log files is constructed in part from the user-supplied UniqueTrackingId field in the StartAction API request. This value is not validated or sanitized before being used in a file...
CVE-2026-31827
Alienbin is an anonymous code and text sharing web service. In 1.0.0 and earlier, the /save endpoint in server.js drops and recreates the MongoDB TTL index on the entire post collection for every new paste submission. When User B submits a paste with a short TTL e.g., 30 seconds, the TTL index is...
CVE-2026-31827
Alienbin is an anonymous code and text sharing web service. In 1.0.0 and earlier, the /save endpoint in server.js drops and recreates the MongoDB TTL index on the entire post collection for every new paste submission. When User B submits a paste with a short TTL e.g., 30 seconds, the TTL index is...
CVE-2026-31827 Alienbin: TTL Index Race Condition allows unauthorized deletion of other users data
Alienbin is an anonymous code and text sharing web service. In 1.0.0 and earlier, the /save endpoint in server.js drops and recreates the MongoDB TTL index on the entire post collection for every new paste submission. When User B submits a paste with a short TTL e.g., 30 seconds, the TTL index is...
CVE-2026-31827
Alienbin 1.0.0 and earlier are affected by a vulnerability in the /save endpoint (server.js) where every new paste submission drops and recreates the MongoDB TTL index on the entire post collection. When a user submits a paste with a short TTL (e.g., 30 seconds), the TTL index is recreated with e...
CVE-2026-31817 OliveTin's unsafe parsing of UniqueTrackingId can be used to write files
OliveTin gives access to predefined shell commands from a web interface. Prior to 3000.11.2, when the saveLogs feature is enabled, OliveTin persists execution log entries to disk. The filename used for these log files is constructed in part from the user-supplied UniqueTrackingId field in the...
CVE-2026-30938 Parse Server has denylist `requestKeywordDenylist` keyword scan bypass through nested object placement
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.12 and 9.5.1-alpha.1, the requestKeywordDenylist security control can be bypassed by placing any nested object or array before a prohibited keyword in the request payload. This is...
Improper Check for Unusual or Exceptional Conditions
Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions via the Utils class. An attacker can bypass configured keyword...
PT-2026-24481
Alienbin is an anonymous code and text sharing web service. In 1.0.0 and earlier, the /save endpoint in server.js drops and recreates the MongoDB TTL index on the entire post collection for every new paste submission. When User B submits a paste with a short TTL e.g., 30 seconds, the TTL index is...
EUVD-2026-10220
A vulnerability has been found in OpenCart 4.0.2.3. Affected by this issue is the function Save of the file admin/controller/design/template.php of the component Incomplete Fix CVE-2024-36694. Such manipulation leads to improper neutralization of special elements used in a template engine. The...
CVE-2026-3714
A vulnerability has been found in OpenCart 4.0.2.3. Affected by this issue is the function Save of the file admin/controller/design/template.php of the component Incomplete Fix CVE-2024-36694. Such manipulation leads to improper neutralization of special elements used in a template engine. The...
CVE-2026-3714 OpenCart Incomplete Fix CVE-2024-36694 template.php save special elements used in a template engine
A vulnerability has been found in OpenCart 4.0.2.3. Affected by this issue is the function Save of the file admin/controller/design/template.php of the component Incomplete Fix CVE-2024-36694. Such manipulation leads to improper neutralization of special elements used in a template engine. The...
CVE-2026-3714
OpenCart 4.0.2.3 is affected by a Server-Side Template Injection (SSTI) via the Theme Editor, due to improper validation in the Save function of admin/controller/design/template.php (cited as Incomplete Fix CVE-2024-36694). Remote exploitation is possible, per multiple sources. No fixed version i...
CVE-2026-3714
A vulnerability has been found in OpenCart 4.0.2.3. Affected by this issue is the function Save of the file admin/controller/design/template.php of the component Incomplete Fix CVE-2024-36694. Such manipulation leads to improper neutralization of special elements used in a template engine. The...
CVE-2026-28795
OpenChatBI is an intelligent chat-based BI tool powered by large language models, designed to help users query, analyze, and visualize data through natural language conversations. Prior to version 0.2.2, the savereport tool in openchatbi/tool/savereport.py suffers from a critical path traversal...
Path Traversal
OpenChatBI is vulnerable to Path Traversal. The vulnerability is due to insufficient input sanitization of the fileformat parameter in the savereport tool, allowing attackers to manipulate file paths and potentially write files outside the intended directory...
PT-2026-23814
The Community Events plugin for WordPress is vulnerable to SQL Injection via the 'ce venue name' CSV field in the on save changes venues function in all versions up to, and including, 1.5.8. This is due to insufficient escaping on the user-supplied CSV data and lack of sufficient preparation on t...
CVE-2026-28098
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Save Life save-life allows PHP Local File Inclusion.This issue affects Save Life: from n/a through = 1.2.13...
CVE-2026-28795
OpenChatBI is an intelligent chat-based BI tool powered by large language models, designed to help users query, analyze, and visualize data through natural language conversations. Prior to version 0.2.2, the savereport tool in openchatbi/tool/savereport.py suffers from a critical path traversal...
CVE-2026-28795 OpenChatBI: Critical Path Traversal Vulnerability in save_report Tool of OpenChatBI
OpenChatBI is an intelligent chat-based BI tool powered by large language models, designed to help users query, analyze, and visualize data through natural language conversations. Prior to version 0.2.2, the savereport tool in openchatbi/tool/savereport.py suffers from a critical path traversal...