Path Confusion

Caddy is vulnerable to Path Confusion. The vulnerability is due to incorrect path splitting logic in FastCGI processing, where strings.ToLower is applied before computing byte offsets, causing incorrect SCRIPTNAME, SCRIPTFILENAME, and PATHINFO values for certain Unicode paths and potentially...

UBUNTU-CVE-2026-27590

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's FastCGI path splitting logic computes the split index on a lowercased copy of the request path and then uses that byte index to slice the original path. This is unsafe for Unicode because...

CVE-2026-27590

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's FastCGI path splitting logic computes the split index on a lowercased copy of the request path and then uses that byte index to slice the original path. This is unsafe for Unicode because...

CVE-2026-27590

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's FastCGI path splitting logic computes the split index on a lowercased copy of the request path and then uses that byte index to slice the original path. This is unsafe for Unicode because...

CVE-2026-24895

FrankenPHP is a modern application server for PHP. Prior to 1.11.2, FrankenPHP’s CGI path splitting logic improperly handles Unicode characters during case conversion. The logic computes the split index for finding .php on a lowercased copy of the request path but applies that byte index to the...

CVE-2026-24895 FrankenPHP affected by Path Confusion via Unicode casing in CGI path splitting allows execution of arbitrary files

FrankenPHP is a modern application server for PHP. Prior to 1.11.2, FrankenPHP’s CGI path splitting logic improperly handles Unicode characters during case conversion. The logic computes the split index for finding .php on a lowercased copy of the request path but applies that byte index to the...

Incorrect Behavior Order: Validate Before Canonicalize

Overview Affected versions of this package are vulnerable to Incorrect Behavior Order: Validate Before Canonicalize via the splitPos function. An attacker can cause unintended script execution by crafting a request path containing specific multi-byte Unicode characters, which manipulates the...

CVE-2025-66211

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.451, an authenticated command injection vulnerability in PostgreSQL Init Script Filename handling allows users with application/service management permissions to execute...

Coolify 操作系统命令注入漏洞

Coolify is an open source and self-hosted Heroku/Netlify/Vercel replacement from coolLabs Open Source. An operating system command injection vulnerability exists in versions prior to Coolify 4.0.0-beta.451, which stems from an unvalidated PostgreSQL initialization script filename that could lead ...

CVE-2024-53999 Mobile Security Framework (MobSF) Stored Cross-Site Scripting Vulnerability in "Diff or Compare" Functionality

Mobile Security Framework MobSF is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. The application allows users to upload files with scripts in the filename parameter. As a result, a malicious user can upload a script file to th...

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

CVE-2023-38831-WinRAR-Exploit Proof of concept...

SUSE CVE-2007-4727

Buffer overflow in the fcgienvadd function in modproxybackendfastcgi.c in the modfastcgi extension in lighttpd before 1.4.18 allows remote attackers to overwrite arbitrary CGI variables and execute arbitrary code via an HTTP request with a long content length, as demonstrated by overwriting the...

Weidmueller Industrial WLAN 操作系统命令注入漏洞

Weidmueller Industrial WLAN devices is an industrial WIAN from Weidmueller, Germany. The Weidmueller Industrial WLAN devices suffer from an operating system command injection vulnerability that can be exploited by an attacker via a specially crafted diagnostic script filename to cause user input ...

Exploit for Out-of-bounds Write in Php

This is an exploit module for a bug in php-fpm CVE-2019-11043. The bug allows a web user to execute code on a vulnerable server if the server has a specific configuration. The exploit targets the php-fpm service running on a server with a configuration that includes a "location" block with a...