Lucene search
K

402 matches found

Cvelist
Cvelist
added 2026/04/03 8:6 p.m.29 views

CVE-2026-25726 Cloudreve is vulnerable to Account Takeover via Weak Cryptographic Token Generation (Insecure PRNG Seeding)

Cloudreve is a self-hosted file management and sharing system. Prior to version 4.13.0, the application uses the weak pseudo-random number generator math/rand seeded with time.Now.UnixNano to generate critical security secrets, including the secretkey, and hashidsalt. These secrets are generated...

8.1CVSS0.00376EPSS
Exploits0References2
NVD
NVD
added 2026/04/02 3:16 p.m.6 views

CVE-2026-34974

phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the regex-based SVG sanitizer in phpMyFAQ SvgSanitizer.php can be bypassed using HTML entity encoding in javascript: URLs within SVG attributes. Any user with editfaq permission can upload a malicious SVG that executes...

5.4CVSS0.00176EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/02 2:48 p.m.2 views

CVE-2026-34974

phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the regex-based SVG sanitizer in phpMyFAQ SvgSanitizer.php can be bypassed using HTML entity encoding in javascript: URLs within SVG attributes. Any user with editfaq permission can upload a malicious SVG that executes...

5.4CVSS5.8AI score0.00176EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/04/02 2:48 p.m.21 views

CVE-2026-34974

The CVE-2026-34974 vulnerability affects phpMyFAQ prior to version 4.1.1, where the SVG sanitizer (SvgSanitizer.php) uses regexes that can be bypassed by HTML entity encoding in javascript: URLs inside SVG attributes. An attacker with edit_faq permission can upload a malicious SVG that executes ...

5.4CVSS5.8AI score0.00176EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/01 10:7 p.m.8 views

CI4MS: Blogs Categories Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary Vulnerability: Stored DOM XSS via Blog Category Title Persistent Payload Injection - Stored Cross-Site Scripting via Unsanitized Blog Category Title in Blog Management Description The application fails to properly sanitize user-controlled input when creating or editing blog categories. An...

9.9CVSS6.2AI score0.00324EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/04/01 10:7 p.m.3 views

GHSA-X7WH-G25G-53VG CI4MS: Blogs Posts Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary Vulnerability: Stored DOM XSS via Blog Post Content Persistent Payload Injection - Stored Cross-Site Scripting via Unsanitized Blog Post Content in Blog Management Description The application fails to properly sanitize user-controlled input when creating or editing blog posts. An attacker...

9.1CVSS6.2AI score0.00317EPSS
Exploits1References4
OSV
OSV
added 2026/04/01 10:5 p.m.2 views

GHSA-XGH5-W62M-8MPR CI4MS: Menu Management (Posts) Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary Vulnerability: Stored DOM XSS via Posts Added to Menu Persistent Payload Injection - Stored Cross-Site Scripting via Unsafe Rendering of Post Entries in Menu Management Description The application fails to properly sanitize user-controlled input when adding Posts to navigation menus throu...

9.1CVSS6.2AI score0.00269EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/04/01 10:5 p.m.5 views

CI4MS: Menu Management (Posts) Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary Vulnerability: Stored DOM XSS via Posts Added to Menu Persistent Payload Injection - Stored Cross-Site Scripting via Unsafe Rendering of Post Entries in Menu Management Description The application fails to properly sanitize user-controlled input when adding Posts to navigation menus throu...

9.1CVSS6.2AI score0.00269EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/04/01 10:4 p.m.2 views

GHSA-G4PP-FHGF-8653 CI4MS: Menu Management (Pages) Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary Vulnerability: Stored DOM XSS via Pages Added to Menu Persistent Payload Injection - Stored Cross-Site Scripting via Unsafe Rendering of Page Entries in Menu Management Description The application fails to properly sanitize user-controlled input when adding Pages to navigation menus throu...

9.1CVSS6.2AI score0.00307EPSS
Exploits1References4
Snyk
Snyk
added 2026/04/01 10:4 p.m.4 views

Cross-site Scripting (XSS)

Overview ci4-cms-erp/ci4ms is a composer create-project ci4-cms-erp/ci4ms Affected versions of this package are vulnerable to Cross-site Scripting XSS via the backup filename field during backup upload and processing. An attacker can execute arbitrary JavaScript in the browsers of privileged user...

9.1CVSS6AI score0.00269EPSS
Exploits1References2
OSV
OSV
added 2026/04/01 9:53 p.m.2 views

GHSA-4333-387X-W245 CI4MS: Blogs Tags Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary Vulnerability: Stored DOM XSS via Blog Tag Name Persistent Payload Injection - Stored Cross-Site Scripting via Unsanitized Blog Tag Name in Blog Management Description The application fails to properly sanitize user-controlled input when creating or editing blog tags. An attacker can inje...

9.1CVSS6.2AI score0.00324EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/04/01 9:53 p.m.25 views

CI4MS: Blogs Tags Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary Vulnerability: Stored DOM XSS via Blog Tag Name Persistent Payload Injection - Stored Cross-Site Scripting via Unsanitized Blog Tag Name in Blog Management Description The application fails to properly sanitize user-controlled input when creating or editing blog tags. An attacker can inje...

9.1CVSS6.2AI score0.00324EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/01 9:32 p.m.3 views

CVE-2026-34571 CI4MS: Stored Cross‑Site Scripting (Stored XSS) in Backend User Management Allows Session Hijacking and Full Administrative Account Compromise

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, a Stored Cross-Site Scripting Stored XSS vulnerability exists in the backend user management functionality. The application fail...

9.9CVSS6AI score0.00393EPSS
Exploits1References2
CVE
CVE
added 2026/04/01 9:27 p.m.9 views

CVE-2026-34566

CVE-2026-34566 affects CI4MS, a CodeIgniter 4-based CMS skeleton. Prior to version 0.31.0.0, user-controlled input in Page Management is not properly sanitized, allowing attacker-controlled JavaScript to be stored server-side and later rendered without output encoding in admin page lists and publ...

9.1CVSS5.7AI score0.00269EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/04/01 12:10 a.m.3 views

GHSA-RPJR-985C-QHVM CI4MS: Permissions Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary Vulnerability: Stored DOM XSS via Group / Role Management Fields Administrative Context Execution - Stored Cross-Site Scripting via Unsanitized Group / Role Management Inputs Description The application fails to properly sanitize user-controlled input within group and role management...

9.1CVSS6AI score0.00307EPSS
Exploits1References3
Snyk
Snyk
added 2026/04/01 12:10 a.m.3 views

Cross-site Scripting (XSS)

Overview ci4-cms-erp/ci4ms is a composer create-project ci4-cms-erp/ci4ms Affected versions of this package are vulnerable to Cross-site Scripting XSS via unsanitized input in group and role management fields. An attacker can execute arbitrary JavaScript in the context of an administrator's brows...

9.1CVSS6AI score0.00307EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/03/27 4:59 a.m.5 views

CVE-2026-2931

The Amelia Booking plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 9.1.2. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for...

8.8CVSS5.8AI score0.00382EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.9 views

PT-2026-28639

Name of the Vulnerable Software and Affected Versions Ultimate Member plugin for WordPress versions through 2.11.2 Description The Ultimate Member plugin for WordPress is susceptible to Sensitive Information Exposure. The issue stems from the 'usermeta:password reset link' template tag being...

8CVSS5.9AI score0.00229EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/03/26 2:59 p.m.4 views

CVE-2026-28430

Chamilo LMS is a learning management system. Prior to version 1.11.34, there is an unauthenticated SQL injection vulnerability which allows remote attackers to execute arbitrary SQL commands via the customdates parameter. By chaining this with a predictable legacy password reset mechanism, an...

9.8CVSS6.1AI score0.00329EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 2:59 p.m.4 views

CVE-2026-31881

Runtipi is a personal homeserver orchestrator. Prior to 4.8.0, an unauthenticated attacker can reset the operator admin password when a password-reset request is active, resulting in full account takeover. The endpoint POST /api/auth/reset-password is exposed without authentication/authorization...

9.8CVSS5.9AI score0.0043EPSS
Exploits1References1
Rows per page
Query Builder