Lucene search
K

87132 matches found

OSV
OSV
added 2026/04/04 6:43 a.m.4 views

GHSA-4744-96P5-MP2J pyLoad: Unprotected storage_folder enables arbitrary file write to Flask session store and code execution (Incomplete fix for CVE-2026-33509)

Summary The fix for CVE-2026-33509 GHSA-r7mc-x6x7-cqxx added an ADMINONLYOPTIONS set to block non-admin users from modifying security-critical config options. The storagefolder option is not in this set and passes the existing path restriction because the Flask session directory is outside both...

7.5CVSS6.6AI score0.00529EPSS
Exploits2References7
Github Security Blog
Github Security Blog
added 2026/04/04 6:43 a.m.13 views

pyLoad: Unprotected storage_folder enables arbitrary file write to Flask session store and code execution (Incomplete fix for CVE-2026-33509)

Summary The fix for CVE-2026-33509 GHSA-r7mc-x6x7-cqxx added an ADMINONLYOPTIONS set to block non-admin users from modifying security-critical config options. The storagefolder option is not in this set and passes the existing path restriction because the Flask session directory is outside both...

8.8CVSS6.6AI score0.00529EPSS
Exploits2References7Affected Software1
OSV
OSV
added 2026/04/04 6:41 a.m.4 views

GHSA-W48F-WWWF-F5FR pyLoad: Improper Neutralization of Special Elements used in an OS Command

Summary The ADMINONLYOPTIONS protection mechanism restricts security-critical configuration values reconnect scripts, SSL certs, proxy credentials to admin-only access. However, this protection is only applied to core config options, not to plugin config options. The AntiVirus plugin stores an...

8.8CVSS6.4AI score0.00815EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/04/04 6:41 a.m.6 views

pyLoad: Improper Neutralization of Special Elements used in an OS Command

Summary The ADMINONLYOPTIONS protection mechanism restricts security-critical configuration values reconnect scripts, SSL certs, proxy credentials to admin-only access. However, this protection is only applied to core config options, not to plugin config options. The AntiVirus plugin stores an...

8.8CVSS6.4AI score0.00815EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/04/04 6:17 a.m.5 views

GHSA-99J6-HJ87-6FCF AVideo: Unauthenticated Information Disclosure via Missing Auth on CloneSite client.log.php

Summary The plugin/CloneSite/client.log.php endpoint serves the clone operation log file without any authentication. Every other endpoint in the CloneSite plugin directory enforces User::isAdmin. The log contains internal filesystem paths, remote server URLs, and SSH connection metadata. Details...

5.3CVSS5.9AI score0.00367EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/04/04 6:17 a.m.9 views

AVideo: Unauthenticated Information Disclosure via Missing Auth on CloneSite client.log.php

Summary The plugin/CloneSite/client.log.php endpoint serves the clone operation log file without any authentication. Every other endpoint in the CloneSite plugin directory enforces User::isAdmin. The log contains internal filesystem paths, remote server URLs, and SSH connection metadata. Details...

5.3CVSS5.9AI score0.00367EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/04/04 6:16 a.m.2 views

GHSA-2VG4-RRX4-QCPQ AVideo: Unauthenticated FFmpeg Remote Server Status Disclosure via check.ffmpeg.json.php

Summary The plugin/API/check.ffmpeg.json.php endpoint probes the FFmpeg remote server configuration and returns connectivity status without any authentication. All sibling FFmpeg management endpoints kill.ffmpeg.json.php, list.ffmpeg.json.php, ffmpeg.php require User::isAdmin. Details The entire...

5.3CVSS5.9AI score0.0037EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/04/04 6:16 a.m.7 views

AVideo: Unauthenticated FFmpeg Remote Server Status Disclosure via check.ffmpeg.json.php

Summary The plugin/API/check.ffmpeg.json.php endpoint probes the FFmpeg remote server configuration and returns connectivity status without any authentication. All sibling FFmpeg management endpoints kill.ffmpeg.json.php, list.ffmpeg.json.php, ffmpeg.php require User::isAdmin. Details The entire...

5.3CVSS5.9AI score0.0037EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/04/04 6:8 a.m.5 views

GHSA-Q75C-4GMV-MG9X Directus: Open Redirect in Admin 2FA Setup Page

Summary Directus is vulnerable to an Open Redirect via the redirect query parameter on the /admin/tfa-setup page. When an administrator who has not yet configured Two-Factor Authentication 2FA visits a crafted URL, they are presented with the legitimate Directus 2FA setup page. After completing t...

4.3CVSS5.9AI score0.00256EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/04/04 6:8 a.m.4 views

Directus: Open Redirect in Admin 2FA Setup Page

Summary Directus is vulnerable to an Open Redirect via the redirect query parameter on the /admin/tfa-setup page. When an administrator who has not yet configured Two-Factor Authentication 2FA visits a crafted URL, they are presented with the legitimate Directus 2FA setup page. After completing t...

4.3CVSS5.9AI score0.00256EPSS
Exploits0References3Affected Software1
Snyk
Snyk
added 2026/04/04 6:4 a.m.2 views

Command Injection

Overview @budibase/server is a Budibase Web Server Affected versions of this package are vulnerable to Command Injection via the public webhook endpoint. An attacker can execute arbitrary commands as the root user within the application container and exfiltrate sensitive environment secrets by...

9.5CVSS6.1AI score0.11982EPSS
Exploits1References2
Veracode
Veracode
added 2026/04/04 5:28 a.m.8 views

Privilege Escalation

LiteLLM is vulnerable to Privilege Escalation. The vulnerability is due to missing admin authorization checks on the /config/update endpoint, which allows an authenticated attacker to modify configurations, execute arbitrary code, and access sensitive data...

8.8CVSS6AI score0.26409EPSS
Exploits2References10Affected Software1
EUVD
EUVD
added 2026/04/04 12:31 a.m.3 views

EUVD-2018-21730

Hirschmann HiOS and HiSecOS products RSP, RSPE, RSPS, RSPL, MSP, EES, EESX, GRS, OS, RED, EAGLE contain an authentication bypass vulnerability in the HTTPS management module that allows unauthenticated remote attackers to gain administrative access by crafting specially formed HTTP requests...

9.8CVSS6AI score0.00502EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/04 12:0 a.m.5 views

PT-2026-30336

Name of the Vulnerable Software and Affected Versions AVideo versions 26.0 and prior Description The plugin/CloneSite/client.log.php endpoint serves the clone operation log file without authentication. Other endpoints in the CloneSite plugin directory enforce User::isAdmin. The log contains...

5.3CVSS6AI score0.00367EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/04/04 12:0 a.m.5 views

PT-2026-30335

Name of the Vulnerable Software and Affected Versions AVideo versions 26.0 and prior Description The plugin/API/check.ffmpeg.json.php endpoint allows probing the FFmpeg remote server configuration and retrieving connectivity status without authentication. The sibling endpoints kill.ffmpeg.json.ph...

5.3CVSS5.9AI score0.0037EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/04/04 12:0 a.m.6 views

PT-2026-30341

Name of the Vulnerable Software and Affected Versions pyLoad affected versions not specified Description pyLoad, a Python-based download manager, has a flaw where a user with SETTINGS and ADD permissions can redirect downloads to the Flask filesystem session store. This allows planting a maliciou...

8.8CVSS6.5AI score0.00529EPSS
Exploits2References14
Positive Technologies
Positive Technologies
added 2026/04/04 12:0 a.m.3 views

PT-2026-30345

Name of the Vulnerable Software and Affected Versions Visitor Traffic Real Time Statistics plugin for WordPress versions up to and including 8.4 Description The Visitor Traffic Real Time Statistics plugin for WordPress is susceptible to Stored Cross-Site Scripting through the page title parameter...

7.2CVSS6.1AI score0.00257EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/04 12:0 a.m.2 views

PT-2026-30368

MyBB Downloads Plugin 2.0.3 contains a persistent cross-site scripting vulnerability that allows regular members to inject malicious scripts through the download title field. Attackers can submit a new download with HTML/JavaScript code in the title parameter, which executes when administrators...

7.2CVSS5.9AI score0.00225EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/04 12:0 a.m.9 views

PT-2026-30328

Name of the Vulnerable Software and Affected Versions Directus versions prior to 11.16.1 Description Directus is susceptible to an open redirect issue through the redirect parameter on the /admin/tfa-setup page. An administrator who has not configured Two-Factor Authentication 2FA may be redirect...

4.3CVSS5.8AI score0.00256EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/04 12:0 a.m.9 views

PT-2026-30351

Redaxo CMS 5.2 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by tricking authenticated administrators into visiting malicious pages. Attackers can craft HTML forms targeting the users endpoint with hidden fields...

6.9CVSS5.9AI score0.00146EPSS
Exploits1References3
Rows per page
Query Builder