64 matches found
BIT-APPSMITH-2026-34411 Appsmith < 1.98 Unauthenticated Instance Configuration Disclosure via Management APIs
Appsmith versions prior to 1.98 expose sensitive instance management API endpoints without authentication. Unauthenticated attackers can query endpoints like /api/v1/consolidated-api/view and /api/v1/tenants/current to retrieve configuration metadata, license information, and unsalted SHA-256...
CVE-2026-34365
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery SSRF vulnerability exists in the Estimate PDF generation module. User-supplied HTML in the estimate Notes field...
SUSE CVE-2026-33205
calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.6.0, a Server-Side Request Forgery vulnerability in the background-image endpoint of calibre e-book reader's web view allows an attacker to perform blind GET requests to arbitra...
CVE-2026-20162
In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.9, and Splunk Cloud Platform versions below 10.2.2510.4, 10.1.2507.15, 10.0.2503.11, and 9.3.2411.123, a low-privileged user who does not hold the "admin" or "power" Splunk roles could craft a malicious payload when creating a Vie...
EUVD-2026-11226
In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.9, and Splunk Cloud Platform versions below 10.2.2510.4, 10.1.2507.15, 10.0.2503.11, and 9.3.2411.123, a low-privileged user who does not hold the "admin" or "power" Splunk roles could craft a malicious payload when creating a Vie...
CVE-2026-20162 Stored Cross-Site Scripting (XSS) through Path Traversal in Splunk Enterprise
In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.9, and Splunk Cloud Platform versions below 10.2.2510.4, 10.1.2507.15, 10.0.2503.11, and 9.3.2411.123, a low-privileged user who does not hold the "admin" or "power" Splunk roles could craft a malicious payload when creating a Vie...
CVE-2024-58307 CSZCMS 1.3.0 Authenticated SQL Injection via Members View Endpoint
CSZCMS 1.3.0 contains an authenticated SQL injection vulnerability in the members view functionality that allows authenticated attackers to manipulate database queries. Attackers can inject malicious SQL code through the view parameter to potentially execute time-based blind SQL injection attacks...
CVE-2025-11741
The WPC Smart Quick View for WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.2.5 via the 'woosqquickview' AJAX endpoint due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated...
CVE-2025-46343 n8n Vulnerable to Stored XSS through Attachments View Endpoint
n8n is a workflow automation platform. Prior to version 1.90.0, n8n is vulnerable to stored cross-site scripting XSS through the attachments view endpoint. n8n workflows can store and serve binary files, which are accessible to authenticated users. However, there is no restriction on the MIME typ...
CVE-2025-46343 n8n Vulnerable to Stored XSS through Attachments View Endpoint
n8n is a workflow automation platform. Prior to version 1.90.0, n8n is vulnerable to stored cross-site scripting XSS through the attachments view endpoint. n8n workflows can store and serve binary files, which are accessible to authenticated users. However, there is no restriction on the MIME typ...
CVE-2025-46343 n8n Vulnerable to Stored XSS through Attachments View Endpoint
n8n is a workflow automation platform. Prior to version 1.90.0, n8n is vulnerable to stored cross-site scripting XSS through the attachments view endpoint. n8n workflows can store and serve binary files, which are accessible to authenticated users. However, there is no restriction on the MIME typ...
n8n 跨站脚本漏洞
n8n is a scalable workflow automation tool from n8n open source. A cross-site scripting vulnerability exists in n8n versions prior to 1.90.0, which stems from the presence of a stored cross-site scripting attack on an attachment view endpoint...
CVE-2024-12882
comfyanonymous/comfyui version v0.2.4 suffers from a non-blind Server-Side Request Forgery SSRF vulnerability. This vulnerability can be exploited by combining the REST APIs POST /internal/models/download and GET /view, allowing attackers to abuse the victim server's credentials to access...
CVE-2024-10099
A stored cross-site scripting XSS vulnerability exists in comfyanonymous/comfyui version 0.2.2 and possibly earlier. The vulnerability occurs when an attacker uploads an HTML file containing a malicious XSS payload via the /api/upload/image endpoint. The payload is executed when the file is viewe...
PT-2024-39930 · Unknown · Sourcecodester Online Eyewear Shop
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Eyewear Shop version 1.0 Description: A vulnerability was found in the software, affecting an unknown function of the file "/admin/?page=inventory/view inventory&id=2". The manipulation of the Code argument leads to...
PT-2024-39929 · Unknown · Sourcecodester Online Eyewear Shop
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Eyewear Shop version 1.0 Description: A critical issue has been found in the processing of the file "/admin/?page=inventory/view inventory&id=2". The manipulation of the id argument leads to SQL injection. The attack may...
PT-2024-38754 · Genexis · Genexis Tilgin Home Gateway
Name of the Vulnerable Software and Affected Versions: Genexis Tilgin Home Gateway version 322 AS0500-03 05 13 05 Description: This issue affects some unknown processing of the file "/vood/cgi-bin/vood view.cgi?lang=EN&act=user/spec...
PT-2024-30559 · Xwiki · Xwiki Platform
Name of the Vulnerable Software and Affected Versions: XWiki Platform versions prior to 14.10.21 XWiki Platform versions prior to 15.5.5 XWiki Platform versions prior to 15.10.6 XWiki Platform versions prior to 16.0.0 Description: The issue allows a user without Script or Programming rights to...
PT-2024-29328 · Unknown · Kashipara Responsive School Management System
Name of the Vulnerable Software and Affected Versions: Kashipara Responsive School Management System version 3.2.0 Description: An issue was found in the /smsa/view students.php endpoint, allowing remote unauthenticated attackers to view student details. This issue affects the ability to control...
PT-2024-29323 · Unknown · Kashipara Responsive School Management System
Name of the Vulnerable Software and Affected Versions: Kashipara Responsive School Management System version 3.2.0 Description: An issue was found in the /smsa/view teachers.php endpoint, allowing remote unauthenticated attackers to view teacher details due to incorrect access control...