Missing Authorization

Overview thorsten/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Missing Authorization in the ConfigurationTabController endpoints due to missing permission checks. An attacker can access sensitive configuration...

CVE-2026-38429

OpenCMS v20 and before is vulnerable to XML External Entity XXE in the Admin Import DB feature due to insecure XML parsing of user supplied .zip files containing a manifest.xml...

CVE-2026-27960

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. In versions 6.6.0 through 6.9.12, there is a privilege escalation vulnerability that can be exploited by unauthenticated attackers to query the API as any existing user, including the default admi...

CVE-2026-8032

A flaw has been found in PicoTronica e-Clinic Healthcare System ECHS 5.7. The impacted element is an unknown function of the file /cdemos/echs/priv/echs.js. This manipulation of the argument ADMINKEY causes hard-coded credentials. The attack is possible to be carried out remotely. The exploit has...

Missing Authorization

Overview thorsten/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Missing Authorization in the delete process. An attacker can remove tags and disrupt FAQ organization by sending crafted DELETE requests to the admin AP...

Incorrect Authorization

Overview phpmyfaq/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Incorrect Authorization in the userHasPermission process. An attacker can gain unauthorized access to sensitive administrative data by sending requests ...

phpMyFAQ has an Authorization Bypass in All Admin Pages Due to Non-Terminating Permission Check

Summary AbstractAdministrationController::userHasPermission catches the ForbiddenException thrown when a user lacks a specific permission, sends a "forbidden" HTML page via $response-send, but does not terminate execution. The calling controller method continues to execute, fetches protected data...

Incorrect Authorization

Overview thorsten/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Incorrect Authorization in the userHasPermission process. An attacker can gain unauthorized access to sensitive administrative data by sending requests ...

GHSA-HPGW-WW76-C68R phpMyFAQ has an Authorization Bypass in All Admin Pages Due to Non-Terminating Permission Check

Summary AbstractAdministrationController::userHasPermission catches the ForbiddenException thrown when a user lacks a specific permission, sends a "forbidden" HTML page via $response-send, but does not terminate execution. The calling controller method continues to execute, fetches protected data...

phpMyFAQ has stored XSS via Utils::parseUrl() in comment rendering

Summary A stored XSS vulnerability in the comment rendering pipeline allows an authenticated user to inject JavaScript that executes for every visitor of an affected FAQ or News page. An attacker with a registered account can steal admin session cookies and take over the application. Details...

GHSA-9525-27VJ-C8R8 phpMyFAQ has stored XSS via Utils::parseUrl() in comment rendering

Summary A stored XSS vulnerability in the comment rendering pipeline allows an authenticated user to inject JavaScript that executes for every visitor of an affected FAQ or News page. An attacker with a registered account can steal admin session cookies and take over the application. Details...

CVE-2026-40326 Masa CMS CSRF in site bundle creation allows unauthorized site data export

Masa CMS is a content management system forked from Mura CMS. In versions 7.5.2 and earlier, the createBundle method in csettings.cfc does not properly validate anti-CSRF tokens for site bundle creation requests. An attacker can craft a malicious webpage or link that, when visited by a logged-in...

CVE-2026-40326 Masa CMS CSRF in site bundle creation allows unauthorized site data export

Masa CMS is a content management system forked from Mura CMS. In versions 7.5.2 and earlier, the createBundle method in csettings.cfc does not properly validate anti-CSRF tokens for site bundle creation requests. An attacker can craft a malicious webpage or link that, when visited by a logged-in...

CVE-2026-40326

Summary: Masa CMS (fork of Mura CMS) contains a CSRF flaw in the createBundle flow (csettings.cfc) that, in versions ≤7.5.2, can be abused by a logged-in admin to trigger silent site-bundle creation. The resulting bundle is written to a predictable public directory, enabling an unauthenticated ac...

CVE-2026-40326

Masa CMS is a content management system forked from Mura CMS. In versions 7.5.2 and earlier, the createBundle method in csettings.cfc does not properly validate anti-CSRF tokens for site bundle creation requests. An attacker can craft a malicious webpage or link that, when visited by a logged-in...

CVE-2026-40325

Summary: CVE-2026-40325 affects Masa CMS (fork of Mura CMS). In versions up to 7.5.2, the cTrash.restore function fails to validate anti-CSRF tokens, allowing an attacker to lure a logged-in administrator into a forged request that restores deleted items and places them at an attacker-controlled ...

CVE-2026-40325

Masa CMS is a content management system forked from Mura CMS. In versions 7.5.2 and earlier, the cTrash.restore function does not properly validate anti-CSRF tokens for content restoration requests. An attacker can trick a logged-in administrator to submit a forged request that restores deleted...

CVE-2026-43579

OpenClaw before 2026.4.10 contains an insufficient access control vulnerability in Nostr plugin HTTP profile routes that allows operators with write permissions to persist profile configuration without requiring admin authority. Attackers with operator.write scope can modify Nostr profile setting...

CVE-2026-43579 OpenClaw < 2026.4.10 - Insufficient Access Control in Nostr Profile Mutation Routes

OpenClaw before 2026.4.10 contains an insufficient access control vulnerability in Nostr plugin HTTP profile routes that allows operators with write permissions to persist profile configuration without requiring admin authority. Attackers with operator.write scope can modify Nostr profile setting...

CVE-2026-40309

CVE-2026-40309 : Masa CMS (fork of Mura CMS) contains a CSRF flaw in the trash management path. In versions up to 7.5.2, cTrash.empty does not validate anti-CSRF tokens, allowing an authenticated administrator to be tricked into submitting a forged request that permanently deletes all trashed con...