Stored Cross-Site Scripting (XSS) via uploaded files served inline in FileField and ImageField

More info at https://github.com/EasyCorp/EasyAdminBundle/security/advisories/GHSA-8559-gwj3-q37r...

CVE-2026-45543

Nextcloud is an open source content collaboration platform. From version 4.3.0 to before version 5.2.7, a removed collaborator retains unauthorized read access to uploaded respondent files for the affected form. The scope is limited to uploaded files for forms where that user previously had resul...

CVE-2026-45543 Nextcloud: Deleting a Forms collaborator share leaves uploaded response files accessible through a lingering Files share

Nextcloud is an open source content collaboration platform. From version 4.3.0 to before version 5.2.7, a removed collaborator retains unauthorized read access to uploaded respondent files for the affected form. The scope is limited to uploaded files for forms where that user previously had resul...

EUVD-2026-33713

Nextcloud is an open source content collaboration platform. From version 4.3.0 to before version 5.2.7, a removed collaborator retains unauthorized read access to uploaded respondent files for the affected form. The scope is limited to uploaded files for forms where that user previously had resul...

PT-2026-45531

Nextcloud is an open source content collaboration platform. From version 4.3.0 to before version 5.2.7, a removed collaborator retains unauthorized read access to uploaded respondent files for the affected form. The scope is limited to uploaded files for forms where that user previously had resul...

PT-2026-43495

The CM Ad Changer – A simple tool to control and optimize your site's banners plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.7. This is due to missing or incorrect nonce validation on the cmac campaigns action function. This makes it...

Astra Linux - уязвимость в python-django

In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with appropriately crafted file names...

CVE-2026-45301

Open WebUI (self-hosted AI platform) is affected by CVE-2026-45301 due to a missing permission check in all files-related API endpoints. Before version 0.3.16, any authenticated user could list, access, and delete files uploaded by any user via the /api/v1/files endpoints, exposing confidential d...

Incorrect Permission Assignment for Critical Resource

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource in the files/ endpoints. An attacker can list, access and delete every uploaded file due to absence of authorisation on these endpoints. Remediation Upgra...

GHSA-R8WH-8M7R-FH33 Open WebUI: Missing permission check in files API allows authenticated users to list, access and delete every uploaded file

Summary A missing permission check in all files related API endpoints allows any authenticated user to list, access and delete every file uploaded by every user to the platform. Details All files/ related endpoints lack permission checks. Listing all files For example, let's see how file listing ...

PT-2026-39517

TextPattern CMS 4.8.7 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by uploading malicious PHP files through the file upload functionality. Attackers can upload a PHP shell via the Files section in the content area and execute...

Access Control Bypass

Overview snipe/snipe-it is an asset management system built on Laravel. Affected versions of this package are vulnerable to Access Control Bypass via the app/Http/Controllers/Api/UploadedFilesController.php component. An attacker can gain unauthorized access and potentially execute arbitrary code...

EUVD-2026-28401

Snipe-IT has insecure permissions in file uploads...

CVE-2026-37709

Insecure Permissions vulnerability in grokability snipe-it v.8.4.0 and before and fixed after 2026-03-10 commit 676a9958 allows a remote attacker to execute arbitrary code via the app/Http/Controllers/Api/UploadedFilesController.php component...

CVE-2026-37709

Insecure Permissions vulnerability in grokability snipe-it v.8.4.0 and before and fixed after 2026-03-10 commit 676a9958 allows a remote attacker to execute arbitrary code via the app/Http/Controllers/Api/UploadedFilesController.php component...

Snipe-IT 访问控制错误漏洞

Snipe-IT is a set of open-source IT asset/license management systems developed by Grokability. Versions of Snipe-IT 8.4.0 and earlier contained a access control vulnerability. This vulnerability stemmed from improper permission settings in the app/Http/Controllers/Api/UploadedFilesController.php...

CVE-2026-37709

Insecure Permissions vulnerability in grokability snipe-it v.8.4.0 and before and fixed after 2026-03-10 commit 676a9958 allows a remote attacker to execute arbitrary code via the app/Http/Controllers/Api/UploadedFilesController.php component...

CVE-2026-37709

Insecure Permissions vulnerability in grokability snipe-it v.8.4.0 and before and fixed after 2026-03-10 commit 676a9958 allows a remote attacker to execute arbitrary code via the app/Http/Controllers/Api/UploadedFilesController.php component...

CVE-2016-20052

CVE-2016-20052 affects Snews CMS 1.7 and describes an unrestricted file upload vulnerability exploitable by unauthenticated attackers. The issue allows uploading arbitrary files—including PHP executables—to the snews_files directory via the multipart form-data upload endpoint. Attackers can then ...

EUVD-2026-18653

UNSUPPORTED WHEN ASSIGNED Focalboard version 8.0 fails to validate file ownership when serving uploaded files. This allows an authenticated attacker who knows a victim's fileID to read the content of the file. NOTE: Focalboard as a standalone product is not maintained and no fix will be issued...