53 matches found
GO-2026-5919 Coder vulnerable to stored HTML injection via workspace agent logs in AgentLogLine component in github.com/coder/coder
Coder vulnerable to stored HTML injection via workspace agent logs in AgentLogLine component in github.com/coder/coder...
CVE-2026-9834
The WP Database Backup – Unlimited Database & Files Backup by Backup for WP plugin for WordPress is vulnerable to OS Command Injection in all versions up to and including 7.11 via the wpdbexcludetable parameter. This is due to the direct concatenation of user-supplied $POST'wpdbexcludetable' valu...
CVE-2026-40084
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal through the Report formatfile Parameter, causing arbitrary file read. This vulnerability occurs in two stages. In the first stage stored injection, lib/htmlreports.php at...
DEBIAN-CVE-2026-40084
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal through the Report formatfile Parameter, causing arbitrary file read. This vulnerability occurs in two stages. In the first stage stored injection, lib/htmlreports.php at...
CVE-2026-40084
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal through the Report formatfile Parameter, causing arbitrary file read. This vulnerability occurs in two stages. In the first stage stored injection, lib/htmlreports.php at...
CVE-2026-40084
Summary: CVE-2026-40084 affects CACTI
CVE-2026-40084
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal through the Report formatfile Parameter, causing arbitrary file read. This vulnerability occurs in two stages. In the first stage stored injection, lib/htmlreports.php at...
DEBIAN-CVE-2026-39951
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a Stored SQL Injection vulnerability through graphnameregexp in the Reports feature. This issue has been fixed in version 1.2.31...
CVE-2026-45545
Nextcloud is an open source content collaboration platform. From versions 0.7.0 to before 0.7.7, 0.8.0 to before 0.8.10, 0.9.0 to before 0.9.8, and 1.0.0 to before 1.0.4, an authenticated attacker with access to the Tables app may be able to execute arbitrary up to 20 bytes long SQL queries,...
Lyrion Music Server 9.2.0 (server.log) Unauthenticated Stored XSS
Summary Lyrion Music Server formerly Logitech Media Server, and often abbreviated as "LMS" is open-source software which can control and serve stream music to a wide range of physical and virtual audio players called Squeezeboxes. Lyrion Music Server can stream your local music collection, intern...
CVE-2026-45545
Nextcloud is an open source content collaboration platform. From versions 0.7.0 to before 0.7.7, 0.8.0 to before 0.8.10, 0.9.0 to before 0.9.8, and 1.0.0 to before 1.0.4, an authenticated attacker with access to the Tables app may be able to execute arbitrary up to 20 bytes long SQL queries,...
CVE-2026-45545 Nextcloud: SQL Injection in Column Type Parameter Allows Arbitrary SQL Execution
Nextcloud is an open source content collaboration platform. From versions 0.7.0 to before 0.7.7, 0.8.0 to before 0.8.10, 0.9.0 to before 0.9.8, and 1.0.0 to before 1.0.4, an authenticated attacker with access to the Tables app may be able to execute arbitrary up to 20 bytes long SQL queries,...
CVE-2026-45545
Nextcloud is an open source content collaboration platform. From versions 0.7.0 to before 0.7.7, 0.8.0 to before 0.8.10, 0.9.0 to before 0.9.8, and 1.0.0 to before 1.0.4, an authenticated attacker with access to the Tables app may be able to execute arbitrary up to 20 bytes long SQL queries,...
CVE-2026-45545
Summary of CVE-2026-45545 (Nextcloud Tables SQL Injection) : An authenticated attacker with access to the Nextcloud Tables app could trigger a stored SQL injection that accepts arbitrary inputs up to 20 bytes and can break out of the length limit. This allows extraction or modification of databas...
BIT-KIBANA-2026-42401 Improper Neutralization of Input During Web Page Generation in Kibana Leading to Stored HTML Injection
Improper Neutralization of Input During Web Page Generation CWE-79 in Kibana can lead to stored HTML injection. A user with write access to an Elasticsearch index could persist crafted markup which, when subsequently rendered through an affected Kibana view by another user, was not sufficiently...
Nextcloud Tables SQL注入漏洞
NextCloud Tables is an open-source table-based application developed by NextCloud. Versions of NextCloud Tables from 0.7.0 to 0.7.7, 0.8.0 to 0.8.10, 0.9.0 to 0.9.8, and 1.0.0 to 1.0.4 have SQL injection vulnerabilities. These vulnerabilities stem from stored injection attacks, allowing...
PT-2026-44214
The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'headline' parameter in the shariff shortcode in all versions up to, and including, 4.6.20 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
CVE-2026-34463 MantisBT has Stored HTML Injection/XSS via Clone Issue Form
Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior contain a Stored XSS vulnerability. When cloning an issue originating from a Project other than the current one, the clone form bugreportpage.php prepends the source Project name before the category selector...
CVE-2025-40901
CVE-2025-40901 describes a stored HTML injection in the Credentials Manager ( Guardian/CMC ) prior to 26.1.0. The root cause is improper validation of an input parameter, allowing an administrator to define an identity containing HTML tags. When a victim deletes that identity, the injected HTML c...
CVE-2026-4125
The WPMK Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' shortcode attribute in all versions up to and including 1.0.1. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes. Specifically, in the...