1360 matches found

NVD · added 2026/02/19 10:16 a.m. · 3 views

CVE-2025-12107

Due to the use of a vulnerable third-party Velocity template engine, a malicious actor with admin privilege may inject and execute arbitrary template syntax within server-side templates. Successful exploitation of this vulnerability could allow a malicious actor with admin privilege to inject and...

CVSS 8.4 · EPSS 0.00618
Exploits: 0 · References: 1
ATTACKERKB · added 2026/02/19 10:04 a.m. · 5 views

CVE-2025-12107

Due to the use of a vulnerable third-party Velocity template engine, a malicious actor with admin privilege may inject and execute arbitrary template syntax within server-side templates. Successful exploitation of this vulnerability could allow a malicious actor with admin privilege to inject and...

CVSS 10 · AI score 6.4 · EPSS 0.00618
Exploits: 0 · References: 2 · Affected Software: 1
Vulnrichment · added 2026/02/19 10:04 a.m. · 4 views

CVE-2025-12107 Potential authenticated Server-Side Template Injection (SSTI) vulnerability.

Due to the use of a vulnerable third-party Velocity template engine, a malicious actor with admin privilege may inject and execute arbitrary template syntax within server-side templates. Successful exploitation of this vulnerability could allow a malicious actor with admin privilege to inject and...

CVSS 8.4 · AI score 6.4 · EPSS 0.00618
Exploits: 0 · References: 1
Positive Technologies · added 2026/02/19 12:00 a.m. · 4 views

PT-2026-20796

Name of the Vulnerable Software and Affected Versions: versions prior to Feb. 19, 2026. Description: The software uses a vulnerable third-party Velocity template engine, allowing a malicious actor with admin privilege to inject and execute arbitrary template syntax within server-side templates...

CVSS 10 · AI score 6 · EPSS 0.00618
Exploits: 0 · References: 8
Vulnrichment · added 2026/02/12 6:00 a.m. · 5 views

CVE-2025-14892 Prime Listing Manager <= 1.1 - Unauthenticated Privilege Escalation

The Prime Listing Manager WordPress plugin through 1.1 allows an attacker to gain administrative access without having any kind of account on the targeted site and perform unauthorized actions due to a hardcoded secret...

AI score 5.4 · EPSS 0.00366
Exploits: 0 · References: 1
OSV · added 2026/02/10 8:16 p.m. · 3 views

UBUNTU-CVE-2025-29952

Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity...

CVSS 5.9 · AI score 5.8 · EPSS 0.00143
Exploits: 0 · References: 3
OSV · added 2026/02/10 4:16 a.m. · 4 views

CVE-2026-24312

An erroneous authorization check in SAP Business Workflow leads to privilege escalation. An authenticated administrative user can bypass role restrictions by leveraging permissions from a less sensitive function to execute unauthorized, high-privilege actions. This has a high impact on data...

CVSS 5.2 · AI score 5.8
Exploits: 0 · References: 2
CVE · added 2026/02/09 9:07 p.m. · 12 views

CVE-2026-25875

PlaciPy 1.0.0 is affected by CVE-2026-25875 where the admin authorization middleware trusts client-controlled JWT claims (role and scope) without server-side verification. This can enable privilege escalation or unauthorized admin-level actions by an attacker presenting manipulated JWTs. The CVSS...

CVSS 9.8 · AI score 5.4 · EPSS 0.00288
Exploits: 0 · References: 1 · Affected Software: 1
Cvelist · added 2026/02/09 9:07 p.m. · 29 views

CVE-2026-25875 PlaciPy Admin Privilege Escalation via Trusted JWT Claims

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the admin authorization middleware trusts the client-controlled JWT claims role and scope without enforcing server-side role verification...

CVSS 9.3 · EPSS 0.00288
Exploits: 0 · References: 1
OSV · added 2026/02/09 9:07 p.m. · 6 views

CVE-2026-25875 PlaciPy Admin Privilege Escalation via Trusted JWT Claims

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the admin authorization middleware trusts the client-controlled JWT claims role and scope without enforcing server-side role verification...

CVSS 9.3 · AI score 5.5 · EPSS 0.00288
Exploits: 0 · References: 3
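The three CVE-2026-25875 entries above describe one defect: an authorization middleware that reads `role` and `scope` out of a JWT and acts on them without verifying the token or looking the role up server-side. What follows is an added example written for this page, not PlaciPy's code, that puts that pattern beside a hardened check. The signing key, the user table and every function name are constructed for the demo, and the JWT handling is a minimal HS256 implementation on the standard library rather than a library call.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo values (hypothetical; not PlaciPy's key, users or code).
SERVER_SECRET = b"constructed-demo-signing-key"
USER_ROLES = {"alice": "student", "bob": "admin"}   # authoritative server-side table
FAR_FUTURE = 4102444800                              # 2100-01-01, keeps demo tokens unexpired


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_hs256(claims: dict, key: bytes) -> str:
    """Mint a compact HS256 JWT; used by the server and by the attacker below."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    payload = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"


def vulnerable_is_admin(token: str) -> bool:
    """The pattern the advisory describes: role/scope are read from the token body
    and believed as-is. Nothing checks who signed the token or whether it was signed."""
    _, payload_b64, _ = token.split(".")
    claims = json.loads(_b64url_decode(payload_b64))
    return claims.get("role") == "admin" or "admin" in claims.get("scope", "")


def hardened_is_admin(token: str, key: bytes = SERVER_SECRET, now=None) -> bool:
    """Pin the algorithm, verify the signature under the server key, check expiry,
    then derive the role from the server-side table keyed by `sub`. Any role or
    scope claim carried inside the token is deliberately ignored."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        claims = json.loads(_b64url_decode(payload_b64))
        sig = _b64url_decode(sig_b64)
    except ValueError:            # wrong segment count, bad base64, bad JSON, bad UTF-8
        return False
    if not isinstance(header, dict) or not isinstance(claims, dict):
        return False
    if header.get("alg") != "HS256":                 # refuse alg=none and key-confusion tricks
        return False
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):
        return False
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= (time.time() if now is None else now):
        return False
    return USER_ROLES.get(claims.get("sub")) == "admin"


def forge_admin_token(sub: str) -> str:
    """Attacker side, variant one: put role=admin in the body, sign with any key."""
    return sign_hs256({"sub": sub, "role": "admin", "scope": "admin", "exp": FAR_FUTURE},
                      b"attacker-chosen-key")


def unsigned_token(claims: dict) -> str:
    """Attacker side, variant two: alg=none with an empty signature segment."""
    header = _b64url(b'{"alg":"none","typ":"JWT"}')
    return f"{header}.{_b64url(json.dumps(claims, separators=(',', ':')).encode())}."


if __name__ == "__main__":
    forged = forge_admin_token("alice")           # alice is a student server-side
    print("vulnerable accepts forged token:", vulnerable_is_admin(forged))
    print("hardened accepts forged token:  ", hardened_is_admin(forged))
```

The hardened check still accepts a legitimately signed token for `bob`, whose role in the server table is admin, even when the token body says `role: student`; the claim inside the token is not the source of authority. A signed token for `alice` claiming `role: admin` is refused for the same reason.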
Snyk · added 2026/02/06 6:52 p.m. · 6 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal in the SettingsGitHooksEdit function, accessible via the name parameter to the /username/reponame/settings/hooks/git endpoint. An admin user with AllowGitHook privilege can read and write arbitrary files on the serve...

CVSS 8.5 · AI score 6.5 · EPSS 0.00456
Exploits: 1 · References: 2
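The Snyk entry above describes a request parameter (`name`) that ends up in the filesystem path of a git hook file. The following is an added example, not the affected project's code, contrasting the unsafe join with a check that allow-lists the hook name and then confirms the resolved path, symlinks followed, still lies inside the hooks directory. The hook names, directories and function names are constructed for the demo.

```python
import os
import shutil
import tempfile

# Constructed allow-list of hook names the edit endpoint is meant to touch (hypothetical).
ALLOWED_HOOKS = {"pre-receive", "update", "post-receive"}


def vulnerable_hook_path(hooks_dir: str, name: str) -> str:
    """The pattern the advisory describes: the request's `name` is joined straight
    into the hooks directory and the result is read or written. `..` segments walk
    out of the directory, and an absolute `name` makes os.path.join drop the base."""
    return os.path.join(hooks_dir, name)


def safe_hook_path(hooks_dir: str, name: str) -> str:
    """Allow-list the hook name, then confirm the *resolved* path (symlinks followed)
    still sits inside the resolved hooks directory. Raises ValueError otherwise."""
    if name not in ALLOWED_HOOKS:
        raise ValueError(f"unknown hook name {name!r}")
    base = os.path.realpath(hooks_dir)
    target = os.path.realpath(os.path.join(base, name))
    if os.path.commonpath([base, target]) != base:
        raise ValueError(f"{name!r} resolves outside {base}")
    return target


def hook_name_accepted(hooks_dir: str, name: str) -> bool:
    """Boolean wrapper around safe_hook_path for callers that only need a verdict."""
    try:
        safe_hook_path(hooks_dir, name)
        return True
    except ValueError:
        return False


def symlink_escape_rejected() -> bool:
    """Why the realpath/commonpath step matters even with an allow-list: a hook file
    that is a symlink pointing outside the hooks dir (constructed here in a temp dir)
    passes the name check yet must still be refused. Returns True when it is."""
    root = tempfile.mkdtemp(prefix="hooks-demo-")
    try:
        hooks_dir = os.path.join(root, "hooks")
        os.makedirs(hooks_dir)
        outside = os.path.join(root, "secret.txt")
        with open(outside, "w") as fh:
            fh.write("not a hook\n")
        os.symlink(outside, os.path.join(hooks_dir, "update"))
        return not hook_name_accepted(hooks_dir, "update")
    finally:
        shutil.rmtree(root)


if __name__ == "__main__":
    hooks = "/srv/git/repo/hooks"
    for candidate in ("update", "../../../../etc/passwd", "/etc/passwd"):
        print(f"{candidate!r}: unsafe -> {vulnerable_hook_path(hooks, candidate)}; "
              f"accepted by safe check -> {hook_name_accepted(hooks, candidate)}")
```

Two details carry the check: `os.path.realpath` is applied to both the base and the candidate so a symlinked hooks directory compares equal to itself, and `os.path.commonpath` is used instead of a string-prefix test so that a sibling such as `/srv/git/repo/hooks-old` is not mistaken for a child of `/srv/git/repo/hooks`.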
Vulnrichment · added 2026/02/05 1:55 a.m. · 2 views

CVE-2025-11730

A post-authentication command injection vulnerability in the Dynamic DNS (DDNS) configuration CLI command in Zyxel ATP series firmware versions from V5.35 through V5.41, USG FLEX series firmware versions from V5.35 through V5.41, USG FLEX 50W series firmware versions from V5.35 through V5.41, and...

CVSS 7.2 · AI score 5.6 · EPSS 0.01354
Exploits: 0 · References: 1
CVE · added 2026/02/05 12:00 a.m. · 8 views

CVE-2025-68723

Axigen Mail Server before 10.5.57 contains multiple stored XSS in the WebAdmin interface. The three vulnerable areas are: (1) log file name parameter on the Local Services Log page, (2) certificate file content in the SSL Certificates View Usage feature, and (3) the Certificate File name paramete...

CVSS 9 · AI score 5.5 · EPSS 0.00261
Exploits: 0 · References: 3 · Affected Software: 1
Cvelist · added 2026/02/03 6:10 p.m. · 26 views

CVE-2026-25522 Craft Commerce has Stored XSS in Shipping Zone (Name & Description) Fields Leading to Potential Privilege Escalation

Craft Commerce is an ecommerce platform for Craft CMS. In versions from 4.0.0-RC1 to 4.10.0 and from 5.0.0 to 5.5.1, a stored XSS vulnerability in Craft Commerce allows attackers to execute malicious JavaScript in an administrator’s browser. This occurs because the Shipping Zone Name & Descriptio...

CVSS 6.1 · EPSS 0.00261
Exploits: 1 · References: 4
OSV · added 2026/02/03 6:10 p.m. · 4 views

CVE-2026-25522 Craft Commerce has Stored XSS in Shipping Zone (Name & Description) Fields Leading to Potential Privilege Escalation

Craft Commerce is an ecommerce platform for Craft CMS. In versions from 4.0.0-RC1 to 4.10.0 and from 5.0.0 to 5.5.1, a stored XSS vulnerability in Craft Commerce allows attackers to execute malicious JavaScript in an administrator’s browser. This occurs because the Shipping Zone Name & Descriptio...

CVSS 6.1 · AI score 5.5 · EPSS 0.00261
Exploits: 1 · References: 6
Cvelist · added 2026/02/03 6:07 p.m. · 29 views

CVE-2026-25489 Craft Commerce has Stored XSS in Tax Zones (Name & Description) Leading to Potential Privilege Escalation

Craft Commerce is an ecommerce platform for Craft CMS. In versions from 4.0.0-RC1 to 4.10.0 and from 5.0.0 to 5.5.1, a stored XSS vulnerability in Craft Commerce allows attackers to execute malicious JavaScript in an administrator’s browser. This occurs because the Name & Description fields in Ta...

CVSS 6.1 · EPSS 0.00283
Exploits: 1 · References: 4
CVE · added 2026/02/03 6:07 p.m. · 11 views

CVE-2026-25487

CVE-2026-25487 affects Craft Commerce (Craft CMS). A stored XSS flaw exists in the Tax Rates Name field displayed in the admin Store Management panel. Affected versions are 4.0.0-RC1 through 4.10.0 and 5.0.0 through 5.5.1. The issue enables attackers with store settings/taxes permissions to injec...

CVSS 6.1 · AI score 5.5 · EPSS 0.00261
Exploits: 1 · References: 4 · Affected Software: 1
OSV · added 2026/02/03 6:06 p.m. · 3 views

CVE-2026-25486 Craft Commerce has Stored XSS in Shipping Methods Name Field Leading to Potential Privilege Escalation

Craft Commerce is an ecommerce platform for Craft CMS. From version 5.0.0 to 5.5.1, a stored XSS vulnerability in Craft Commerce allows attackers to execute malicious JavaScript in an administrator’s browser. This occurs because the Shipping Methods Name field in the Store Management section is n...

CVSS 6.1 · AI score 5.5 · EPSS 0.00253
Exploits: 1 · References: 5
Vulnrichment · added 2026/02/03 6:06 p.m. · 3 views

CVE-2026-25485 Craft Commerce has Stored XSS in Shipping Categories (Name & Description) Fields Leading to Potential Privilege Escalation

Craft Commerce is an ecommerce platform for Craft CMS. In versions from 4.0.0-RC1 to 4.10.0 and from 5.0.0 to 5.5.1, a stored XSS vulnerability in Craft Commerce allows attackers to execute malicious JavaScript in an administrator’s browser. This occurs because the Shipping Categories Name &...

CVSS 6.2 · AI score 5.4 · EPSS 0.00261
Exploits: 1 · References: 4
OSV · added 2026/02/03 6:06 p.m. · 4 views

CVE-2026-25485 Craft Commerce has Stored XSS in Shipping Categories (Name & Description) Fields Leading to Potential Privilege Escalation

Craft Commerce is an ecommerce platform for Craft CMS. In versions from 4.0.0-RC1 to 4.10.0 and from 5.0.0 to 5.5.1, a stored XSS vulnerability in Craft Commerce allows attackers to execute malicious JavaScript in an administrator’s browser. This occurs because the Shipping Categories Name &...

CVSS 6.2 · AI score 5.5 · EPSS 0.00261
Exploits: 1 · References: 6