Lucene search
+L

459 matches found

Snyk
Snyk
added 2026/05/06 9:19 p.m.14 views

Arbitrary File Upload

Overview getgrav/grav is a Modern, Crazy Fast, Ridiculously Easy and Amazingly Powerful Flat-File CMS. Affected versions of this package are vulnerable to Arbitrary File Upload via the blueprint-upload process. An attacker can gain full administrative access by uploading a crafted YAML file to th...

8.8CVSS5.9AI score0.00336EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/05/06 9:19 p.m.32 views

Low-privileged Grav API users can create super-admin accounts via blueprint-upload

Summary In Grav 2.0.0-beta.2, a low-privileged authenticated API user with api.media.write can abuse /api/v1/blueprint-upload to write an arbitrary YAML file into user/accounts/, then log in as the newly created account with api.super privileges. This results in full administrative compromise of...

8.8CVSS6.3AI score0.00336EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2026/04/14 4:16 p.m.6 views

CVE-2026-25691

A improper limitation of a pathname to a restricted directory 'path traversal' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4, FortiSandbox PaaS 5.0.4 may allow a privileged attacker with...

6.7CVSS0.00456EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/14 3:38 p.m.1 views

CVE-2026-25691

A improper limitation of a pathname to a restricted directory 'path traversal' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4, FortiSandbox PaaS 5.0.4 may allow a privileged attacker with...

6.7CVSS5.9AI score0.00456EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/14 3:38 p.m.30 views

CVE-2026-25691

A improper limitation of a pathname to a restricted directory 'path traversal' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4, FortiSandbox PaaS 5.0.4 may allow a privileged attacker with...

6.7CVSS0.00456EPSS
Exploits0References1
CVE
CVE
added 2026/04/14 3:38 p.m.21 views

CVE-2026-25691

The CVE-2026-25691 issue affects Fortinet FortiSandbox family (FortiSandbox 5.0.0–5.0.5; 4.4.0–4.4.8; 4.2 all versions; FortiSandbox Cloud 5.0.4; FortiSandbox PaaS 5.0.4). A path traversal vulnerability in the HTTP interface may allow a privileged attacker with a super-admin profile and CLI acces...

6.7CVSS5.9AI score0.00456EPSS
Exploits0References1Affected Software2
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.7 views

PT-2026-32678

Name of the Vulnerable Software and Affected Versions FortiSandbox versions 5.0.0 through 5.0.5 FortiSandbox versions 4.4.0 through 4.4.8 FortiSandbox version 4.2 FortiSandbox Cloud version 5.0.4 FortiSandbox PaaS version 5.0.4 Description An improper limitation of a pathname to a restricted...

8.7CVSS5.9AI score0.00456EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/10 3:11 p.m.5 views

CVE-2026-29002 CouchCMS Privilege Escalation via f_k_levels_list Parameter

CouchCMS contains a privilege escalation vulnerability that allows authenticated Admin-level users to create SuperAdmin accounts by tampering with the fklevelslist parameter in user creation requests. Attackers can modify the parameter value from 4 to 10 in the HTTP request body to bypass...

8.6CVSS5.9AI score0.00427EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.9 views

CouchCMS 安全漏洞

CouchCMS is an open-source content management system CMS designed for designers. CouchCMS has a security vulnerability that stems from improper authorization verification. This vulnerability could allow authenticated administrator users to create super-administrator accounts by manipulating...

8.6CVSS5.8AI score0.00427EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/04/07 11:1 p.m.6 views

CVE-2026-35182

Brave CMS is an open-source CMS. Prior to 2.0.6, this vulnerability is a missing authorization check found in the update role endpoint at routes/web.php. The POST route for /rights/update-role/id lacks the checkUserPermissions:assign-user-roles middleware. This allows any authenticated user to...

8.8CVSS5.9AI score0.00336EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/07 12:0 a.m.5 views

CVE-2026-31272

MRCMS 3.1.2 contains an access control vulnerability. The save method in src/main/java/org/marker/mushroom/controller/UserController.java lacks proper authorization validation, enabling direct addition of super administrator accounts without authentication...

5.9AI score0.00577EPSS
Exploits1References1
NVD
NVD
added 2026/04/06 8:16 p.m.9 views

CVE-2026-35182

Brave CMS is an open-source CMS. Prior to 2.0.6, this vulnerability is a missing authorization check found in the update role endpoint at routes/web.php. The POST route for /rights/update-role/id lacks the checkUserPermissions:assign-user-roles middleware. This allows any authenticated user to...

8.8CVSS0.00336EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/06 7:10 p.m.17 views

CVE-2026-35182 Missing Authorization Privilege Escalation

Brave CMS is an open-source CMS. Prior to 2.0.6, this vulnerability is a missing authorization check found in the update role endpoint at routes/web.php. The POST route for /rights/update-role/id lacks the checkUserPermissions:assign-user-roles middleware. This allows any authenticated user to...

8.8CVSS0.00336EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/06 7:10 p.m.6 views

EUVD-2026-19458

Brave CMS is an open-source CMS. Prior to 2.0.6, this vulnerability is a missing authorization check found in the update role endpoint at routes/web.php. The POST route for /rights/update-role/id lacks the checkUserPermissions:assign-user-roles middleware. This allows any authenticated user to...

8.8CVSS5.9AI score0.00336EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/06 7:10 p.m.3 views

CVE-2026-35182

Brave CMS is an open-source CMS. Prior to 2.0.6, this vulnerability is a missing authorization check found in the update role endpoint at routes/web.php. The POST route for /rights/update-role/id lacks the checkUserPermissions:assign-user-roles middleware. This allows any authenticated user to...

8.8CVSS5.9AI score0.00336EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/04/06 7:10 p.m.15 views

CVE-2026-35182

Brave CMS (open-source) before version 2.0.6 contains a missing authorization check in the POST /rights/update-role/{id} endpoint (routes/web.php). The update-role action lacked the checkUserPermissions:assign-user-roles middleware, allowing any authenticated user to change account roles and prom...

8.8CVSS5.9AI score0.00336EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/06 7:10 p.m.4 views

CVE-2026-35182 Missing Authorization Privilege Escalation

Brave CMS is an open-source CMS. Prior to 2.0.6, this vulnerability is a missing authorization check found in the update role endpoint at routes/web.php. The POST route for /rights/update-role/id lacks the checkUserPermissions:assign-user-roles middleware. This allows any authenticated user to...

8.8CVSS5.9AI score0.00336EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:4 p.m.5 views

CVE-2026-25836

An improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet FortiSandbox Cloud 5.0.4, FortiSandbox PaaS 5.0.4 may allow a privileged attacker with super-admin profile and CLI access to execute unauthorized code or commands via crafted HTTP...

7.2CVSS6AI score0.0176EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 2:59 p.m.7 views

CVE-2026-31874

Taskosaur is an open source project management platform with conversational AI for task execution in-app. In 1.0.0, the application does not properly validate or restrict the role parameter during the user registration process. An attacker can manually modify the request payload and assign...

9.8CVSS6AI score0.00638EPSS
Exploits1References1
Snyk
Snyk
added 2026/03/25 5:3 p.m.3 views

Command Injection

Overview modoboa is a Mail hosting made simple Affected versions of this package are vulnerable to Command Injection via the execcmd function. An attacker who has Reseller or SuperAdmin privileges can execute arbitrary operating system commands by supplying specially crafted input, such as domain...

8.6CVSS6.1AI score0.00566EPSS
Exploits1References2
Rows per page
Query Builder