10 matches found
CVE-2026-45806
Penpot before 2.15.0 vulnerable to authenticated SSRF in remote image import. The flow passes a user-controlled URL from frontend to the backend RPC method create-file-media-object-from-url, where media/download-image uses a shared HTTP client without destination filtering, allowing an authentica...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetchKey function. An attacker can cause the server to make arbitrary HTTP requests to attacker-controlled destinations by crafting a JWT with malicious claim values that are interpolated into th...
Huawei EulerOS: Security Advisory for wget (EulerOS-SA-2026-1151)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-61925 Astro's `X-Forwarded-Host` is reflected with no validation
Astro is a web framework. Prior to version 5.14.2, Astro reflects the value in X-Forwarded-Host in output when using Astro.url without any validation. It is common for web servers such as nginx to route requests via the Host header, and forward on other request headers. As such as malicious reque...
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation when wolfSSL is used as the TLS backend for QUIC. An attacker can impersonate a legitimate server or perform a man-in-the-middle attack by exploiting a skipped certificate verification. Note: The skip of...
WideStand CMS Cross-Site Scripting Vulnerability
WideStand CMS is a content management system from WideStand, Inc. A cross-site scripting vulnerability exists in WideStand CMS versions prior to 5.3.5 that stems from the direct use of the query's URL content to generate one of the meta tags, which would allow an attacker to inject HTML/Javascrip...
h2: Remote Code Execution in Console
A flaw was found in h2. The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. This flaw allows an attacker to use this URL to send another server’s code, causing remote code execution. This issue is exploited...
PT-2022-6098 · Pdfkit · Pdfkit
Name of the Vulnerable Software and Affected Versions: pdfkit versions 0.0.0 through 0.8.7.2 Description: The issue is related to insufficient argument checking in the pdfkit library, which can be exploited by a remote attacker to execute arbitrary commands. This is a Command Injection...
Error: "Cannot Complete Your Request" Due to Incorrect Citrix Gateway URL Usage
The following error is displayed due to incorrect Citrix Gateway URL usage: Cannot Complete Your Request...
PunBB 1.2.14 Remote Code Execution Exploit
No description provided by source. !/usr/bin/php URL: http://www.acid-root.new.fr/ ----------------------------------------------------------------------- Usage: $argv0 -url -usr -pwd Options Params: -url For example http://victim.com/punBB/ -usr User account 1 post at least -pwd Password account...