Lucene search
K

945 matches found

OSV
OSV
added 2026/04/23 10:59 a.m.6 views

CLSA-2026-1776941944 tigervnc: Fix of CVE-2026-34352

CVE-2026-34352: fix world-accessible SHM segment in x0vncserver by changing shmget mode from 0777 to 0600 in ShmImage::Init...

9.8CVSS5.8AI score0.00247EPSS
Exploits0References1
CVE
CVE
added 2026/04/21 7:54 p.m.24 views

CVE-2026-40909

WWBN AVideo (pre-29.0) contains a path traversal in locale/save.php that concatenates $_POST['flag'] into the target path and writes $_POST['code'] to that path via fwrite(), allowing an attacker with admin access or CSRF to write arbitrary PHP files outside locale/ and achieve Remote Code Execut...

8.7CVSS5.9AI score0.00656EPSS
Exploits1References2Affected Software1
Snyk
Snyk
added 2026/04/21 12:0 a.m.7 views

Insertion of Sensitive Information into Externally-Accessible File or Directory

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Externally-Accessible File or Directory via the Information Schema component. An attacker can gain unauthorized access to sensitive data by sending crafted requests over the network with high...

5.1CVSS7.7AI score0.00259EPSS
Exploits0References2
NVD
NVD
added 2026/04/18 12:16 a.m.5 views

CVE-2026-40484

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the database backup restore functionality extracts uploaded archive contents and copies files from the Images/ directory into the web-accessible document root using recursiveCopyDirectory, which performs no file...

9.1CVSS0.00867EPSS
Exploits0References3
OSV
OSV
added 2026/04/14 11:22 p.m.6 views

GHSA-J432-4W3J-3W8J WWBN AVideo has a SSRF via same-domain hostname with alternate port bypasses isSSRFSafeURL

Summary The isSSRFSafeURL function in objects/functions.php contains a same-domain shortcircuit lines 4290-4296 that allows any URL whose hostname matches webSiteRootURL to bypass all SSRF protections. Because the check compares only the hostname and ignores the port, an attacker can reach...

7.7CVSS5.8AI score0.003EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/04/14 11:22 p.m.12 views

WWBN AVideo has a SSRF via same-domain hostname with alternate port bypasses isSSRFSafeURL

Summary The isSSRFSafeURL function in objects/functions.php contains a same-domain shortcircuit lines 4290-4296 that allows any URL whose hostname matches webSiteRootURL to bypass all SSRF protections. Because the check compares only the hostname and ignores the port, an attacker can reach...

7.7CVSS5.8AI score0.003EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2026/04/13 7:16 p.m.8 views

CVE-2026-40040

Pachno 1.0.6 contains an unrestricted file upload vulnerability that allows authenticated users to upload arbitrary file types by bypassing ineffective extension filtering to the /uploadfile endpoint. Attackers can upload executable files .php5 scripts to web-accessible directories and execute th...

8.8CVSS0.00474EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.11 views

PT-2026-32494

Pachno 1.0.6 contains an unrestricted file upload vulnerability that allows authenticated users to upload arbitrary file types by bypassing ineffective extension filtering to the /uploadfile endpoint. Attackers can upload executable files .php5 scripts to web-accessible directories and execute th...

8.8CVSS6.6AI score0.00474EPSS
Exploits1References6
VulnCheck KEV
VulnCheck KEV
added 2026/04/13 12:0 a.m.10 views

VulnCheck KEV: CVE-2026-27175

MajorDoMo aka Major Domestic Module is vulnerable to unauthenticated OS command injection via rc/index.php. The $param variable from user input is interpolated into a command string within double quotes without sanitization via escapeshellarg. The command is inserted into a database queue by...

9.8CVSS6.5AI score0.06872EPSS
In wildExploits3References2
Zero Science Lab
Zero Science Lab
added 2026/04/12 12:0 a.m.58 views

Pachno 1.0.6 (uploadfile) Unrestricted File Upload Remote Code Execution

Summary Pachno is an open-source collaboration platform formerly known as The Bug Genie designed for team project management, issue tracking, and documentation. It offers a module-based, customizable environment for software development and team workflows, distributed under the Mozilla Public...

8.8CVSS6.2AI score0.00474EPSS
Exploits1
NVD
NVD
added 2026/04/10 6:16 p.m.6 views

CVE-2026-32931

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an unrestricted file upload vulnerability in the exercise sound upload function allows an authenticated teacher to upload a PHP webshell by spoofing the Content-Type header to audio/mpeg. The uploaded file retains its...

8.8CVSS0.00495EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.6 views

PT-2026-32010

Name of the Vulnerable Software and Affected Versions Chamilo LMS versions prior to 1.11.38 and prior to 2.0.0-RC.3 Description Chamilo LMS, a learning management system, contains a file upload issue in the exercise sound upload function. An authenticated teacher can upload a PHP webshell by...

7.5CVSS5.9AI score0.00495EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/09 9:29 p.m.2 views

CVE-2026-40151 PraisonAI Affected by Unauthenticated Information Disclosure of Agent Instructions via /api/agents in AgentOS

PraisonAI is a multi-agent teams system. Prior to 4.5.128, the AgentOS deployment platform exposes a GET /api/agents endpoint that returns agent names, roles, and the first 100 characters of agent system instructions to any unauthenticated caller. The AgentOS FastAPI application has no...

5.3CVSS5.8AI score0.00758EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:29 p.m.3 views

CVE-2026-40151

PraisonAI is a multi-agent teams system. Prior to 4.5.128, the AgentOS deployment platform exposes a GET /api/agents endpoint that returns agent names, roles, and the first 100 characters of agent system instructions to any unauthenticated caller. The AgentOS FastAPI application has no...

5.3CVSS5.9AI score0.00758EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/03 11:1 p.m.4 views

CVE-2026-34735

The Hytale Modding Wiki is a free service for Hytale mods to host their documentation & wikis. In version 1.2.0 and prior, the quickUpload endpoint validates uploaded files by checking their MIME type via PHP's finfo, which inspects file contents but constructs the stored filename using the...

8.7CVSS6AI score0.00306EPSS
Exploits0References1
CVE
CVE
added 2026/04/01 6:0 a.m.18 views

CVE-2026-2696

The CVE-2026-2696 entry concerns the WordPress plugin Export All URLs (versions before 5.1). Affected component: the plugin’s CSV filename generation uses a predictable pattern based on a random 6‑digit number, and exported CSVs are stored in publicly accessible wp-content/uploads. This enables a...

5.3CVSS5.9AI score0.00301EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:18 p.m.3 views

CVE-2025-55043

MuraCMS through 10.1.10 contains a CSRF vulnerability in the bundle creation functionality csettings.cfc createBundle method that allows unauthenticated attackers to force administrators to create and save site bundles containing sensitive data to publicly accessible directories. This vulnerabili...

6.5CVSS5.6AI score0.00162EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:18 p.m.3 views

CVE-2026-30704

The WiFi Extender WDR201A HW V2.1, FW LFMZX28040922V1.02 exposes an unprotected UART interface through accessible hardware pads on the PCB...

9.1CVSS5.8AI score0.00307EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.3 views

CVE-2026-28204

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

6.9CVSS5.8AI score0.00301EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/26 12:30 p.m.4 views

EUVD-2026-16164

plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous file type when an application using the package accepts or prefers a client-supplied MIME type during file upload handling. In that configuration, a remote attacker can submit a file containing executable PHP code while...

10CVSS6.2AI score0.01279EPSS
Exploits0References4
Rows per page
Query Builder