31 matches found
CVE-2026-24382
Missing Authorization vulnerability in wproyal News Magazine X news-magazine-x allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects News Magazine X: from n/a through = 1.2.50...
EUVD-2026-15574
Missing Authorization vulnerability in wproyal News Magazine X news-magazine-x allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects News Magazine X: from n/a through = 1.2.50...
CVE-2026-24382
Missing Authorization vulnerability in wproyal News Magazine X news-magazine-x allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects News Magazine X: from n/a through = 1.2.50...
CVE-2026-24382 WordPress News Magazine X theme <= 1.2.50 - Broken Access Control vulnerability
Missing Authorization vulnerability in wproyal News Magazine X news-magazine-x allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects News Magazine X: from n/a through = 1.2.50...
CVE-2026-25531
Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, The fix for CVE-2023-33968 is incomplete. The TaskCreationController::duplicateProjects endpoint does not validate user permissions for target projects, allowing authenticated users to duplicate tasks into...
CVE-2026-25531 Kanboard TaskCreationController::duplicateProjects() endpoint does not validate user permissions for target projects
Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, The fix for CVE-2023-33968 is incomplete. The TaskCreationController::duplicateProjects endpoint does not validate user permissions for target projects, allowing authenticated users to duplicate tasks into...
CVE-2026-25531 Kanboard TaskCreationController::duplicateProjects() endpoint does not validate user permissions for target projects
Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, The fix for CVE-2023-33968 is incomplete. The TaskCreationController::duplicateProjects endpoint does not validate user permissions for target projects, allowing authenticated users to duplicate tasks into...
Kanboard 安全漏洞
Kanboard is a set of open-source visualization taskboards developed by Kanboard. This software allows for the customization of panels according to business needs. Versions of Kanboard prior to 1.2.50 contained security vulnerabilities. These vulnerabilities stemmed from the...
Linux Distros Unpatched Vulnerability : CVE-2026-25924
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, a security control bypass vulnerability in Kanboard allows an...
CVE-2026-25924
Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, a security control bypass vulnerability in Kanboard allows an authenticated administrator to achieve full Remote Code Execution RCE. Although the application correctly hides the plugin installation interface...
DEBIAN-CVE-2026-25924
Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, a security control bypass vulnerability in Kanboard allows an authenticated administrator to achieve full Remote Code Execution RCE. Although the application correctly hides the plugin installation interface...
CVE-2026-25924
Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, a security control bypass vulnerability in Kanboard allows an authenticated administrator to achieve full Remote Code Execution RCE. Although the application correctly hides the plugin installation interface...
CVE-2026-25924 Kanboard is Missing Access Control on Plugin Installation leading to Administrative RCE
Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, a security control bypass vulnerability in Kanboard allows an authenticated administrator to achieve full Remote Code Execution RCE. Although the application correctly hides the plugin installation interface...
CVE-2026-25924 Kanboard is Missing Access Control on Plugin Installation leading to Administrative RCE
Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, a security control bypass vulnerability in Kanboard allows an authenticated administrator to achieve full Remote Code Execution RCE. Although the application correctly hides the plugin installation interface...
CVE-2026-25924
CVE-2026-25924 affects Kanboard prior to 1.2.50. A security control bypass allows an authenticated administrator to trigger a remote code execution via the plugin installation workflow: the PLUGIN_INSTALLER setting is not enforced in the backend endpoint, enabling forced download and installation...
CVE-2026-25924
Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, a security control bypass vulnerability in Kanboard allows an authenticated administrator to achieve full Remote Code Execution RCE. Although the application correctly hides the plugin installation interface...
CVE-2026-24885
Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, a Cross-Site Request Forgery CSRF vulnerability exists in the ProjectPermissionController within the Kanboard application. The application fails to strictly enforce the application/json Content-Type for the...
Kanboard 安全漏洞
Kanboard is a set of open-source visualization taskboards developed by Kanboard. This software allows for the customization of panels according to business needs. Versions of Kanboard prior to 1.2.50 contained security vulnerabilities. These vulnerabilities stemmed from bypassing security control...
PT-2026-7715
Name of the Vulnerable Software and Affected Versions Kanboard versions prior to 1.2.50 Description Kanboard is project management software based on the Kanban methodology. A security control bypass allows an authenticated administrator to achieve Remote Code Execution RCE. The application does n...
Linux Distros Unpatched Vulnerability : CVE-2026-25530
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, the getSwimlane API method lacks project-level authorization, allowing...