87115 matches found

CVE
added 2026/04/26 12:30 a.m., 10 views

CVE-2026-7011

MaxSite CMS

CVSS 4.8, AI score 3.3, EPSS 0.00269
Exploits 0, References 7
CNNVD
added 2026/04/26 12:00 a.m., 8 views

GreenCMS Access Control Error Vulnerability

GreenCMS is an open-source content management system (CMS) developed using ThinkPHP. Versions of GreenCMS 2.3 and earlier contained a security vulnerability related to access control. This vulnerability stemmed from improper handling of the themeadd function in the...

CVSS 6.5, AI score 6.6, EPSS 0.00201
Exploits 0, References 2
CNNVD
added 2026/04/26 12:00 a.m., 7 views

CodeAstro Online Job Portal Injection Vulnerability

CodeAstro Online Job Portal is an online job portal operated by CodeAstro Corporation. Version 1.0 of CodeAstro Online Job Portal has a vulnerability due to improper handling of ID parameters in the admin/jobs-admins/delete-jobs.php file within the All Jobs Page component, which may lead to SQL...

CVSS 5.8, AI score 5.9, EPSS 0.00311
Exploits 0, References 2
CNNVD
added 2026/04/26 12:00 a.m., 7 views

GreenCMS Access Control Error Vulnerability

GreenCMS is an open-source content management system (CMS) developed using ThinkPHP. Versions of GreenCMS 2.3 and earlier contained a security vulnerability related to access control. This vulnerability stemmed from improper handling of the pluginAddLocal function in the...

CVSS 6.5, AI score 6.6, EPSS 0.00201
Exploits 0, References 2
OSV
added 2026/04/25 11:27 p.m., 63 views

GHSA-V4P8-MG3P-G94G LiteLLM: Authenticated command execution via MCP stdio test endpoints

Impact Two endpoints used to preview an MCP server before saving it — POST /mcp-rest/test/connection and POST /mcp-rest/test/tools/list — accepted a full server configuration in the request body, including the command, args, and env fields used by the stdio transport. When called with a stdio...

CVSS 8.8, AI score 6, EPSS 0.75873
Exploits 1, References 5
Snyk
added 2026/04/25 4:18 p.m., 3 views

Server-side Request Forgery (SSRF)

Overview pagekit/pagekit is a modular and lightweight CMS built with Symfony components and Vue.js. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the url argument in the /index.php/admin/system/update/download process. An attacker can access internal...

CVSS 5.8, AI score 5.8, EPSS 0.00273
Exploits 0, References 2
EUVD
added 2026/04/25 3:15 p.m., 5 views

EUVD-2026-25659

A vulnerability was identified in pagekit up to 1.0.18. Affected by this issue is some unknown functionality of the file /index.php/admin/system/update/download. The manipulation of the argument url leads to server-side request forgery. Remote exploitation of the attack is possible. The exploit i...

CVSS 5.8, AI score 4.9, EPSS 0.00273
Exploits 0, References 4
Vulnrichment
added 2026/04/25 11:45 a.m., 3 views

CVE-2026-6978 JiZhiCMS addcache.html htmlspecialchars_decode sql injection

A vulnerability was detected in JiZhiCMS up to 2.5.6. The impacted element is the function htmlspecialchars_decode of the file /index.php/admins/Sys/addcache.html. The manipulation of the argument sqls results in sql injection. It is possible to launch the attack remotely. The exploit is now publi...

CVSS 5.8, AI score 5.1, EPSS 0.00253
Exploits 0, References 4
RedhatCVE
added 2026/04/25 7:22 a.m., 7 views

CVE-2026-41166

OpenRemote is an open-source internet-of-things platform. Prior to version 1.22.1, a user who has write:admin in one Keycloak realm can call the Manager API to update Keycloak realm roles for users in another realm, including master. The handler uses the realm path segment when talking to the...

CVSS 7, AI score 5.3, EPSS 0.00285
Exploits 1, References 1
SUSE CVE
added 2026/04/25 1:39 a.m., 8 views

SUSE CVE-2026-31570

In the Linux kernel, the following vulnerability has been resolved: can: gw: fix OOB heap access in cgw_csum_crc8_rel. cgw_csum_crc8_rel() correctly computes bounds-safe indices via calc_idx(): int from = calc_idx(crc8->from_idx, cf->len); int to = calc_idx(crc8->to_idx, cf->len); int res = calc_idx(crc8->result_idx, cf->len)...

CVSS 7, AI score 5.5, EPSS 0.00262
Exploits 0, References 18
Positive Technologies
added 2026/04/25 12:00 a.m., 5 views

PT-2026-35154

A vulnerability was identified in pagekit up to 1.0.18. Affected by this issue is some unknown functionality of the file /index.php/admin/system/update/download. The manipulation of the argument url leads to server-side request forgery. Remote exploitation of the attack is possible. The exploit i...

CVSS 5.8, AI score 5.2, EPSS 0.00273
Exploits 0, References 5
NVD
added 2026/04/24 9:16 p.m., 3 views

CVE-2026-41478

Saltcorn is an extensible, open source, no-code database application builder. Prior to 1.4.6, 1.5.6, and 1.6.0-beta.5, a SQL injection vulnerability in Saltcorn’s mobile-sync routes allows any authenticated low-privilege user with read access to at least one table to inject arbitrary SQL through...

CVSS 9.9, EPSS 0.00264
Exploits 0, References 1
Cvelist
added 2026/04/24 8:52 p.m., 30 views

CVE-2026-41478 Saltcorn: SQL Injection via Unparameterized Sync Endpoints (maxLoadedId)

Saltcorn is an extensible, open source, no-code database application builder. Prior to 1.4.6, 1.5.6, and 1.6.0-beta.5, a SQL injection vulnerability in Saltcorn’s mobile-sync routes allows any authenticated low-privilege user with read access to at least one table to inject arbitrary SQL through...

CVSS 9.9, EPSS 0.00264
Exploits 0, References 1
ATTACKERKB
added 2026/04/24 8:52 p.m., 5 views

CVE-2026-41478

Saltcorn is an extensible, open source, no-code database application builder. Prior to 1.4.6, 1.5.6, and 1.6.0-beta.5, a SQL injection vulnerability in Saltcorn’s mobile-sync routes allows any authenticated low-privilege user with read access to at least one table to inject arbitrary SQL through...

CVSS 9.9, AI score 5.9, EPSS 0.00264
Exploits 0, References 2, Affected Software 1
Vulnrichment
added 2026/04/24 8:52 p.m., 2 views

CVE-2026-41478 Saltcorn: SQL Injection via Unparameterized Sync Endpoints (maxLoadedId)

Saltcorn is an extensible, open source, no-code database application builder. Prior to 1.4.6, 1.5.6, and 1.6.0-beta.5, a SQL injection vulnerability in Saltcorn’s mobile-sync routes allows any authenticated low-privilege user with read access to at least one table to inject arbitrary SQL through...

CVSS 9.9, AI score 5.8, EPSS 0.00264
Exploits 0, References 1
Snyk
added 2026/04/24 8:20 p.m., 4 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the /debug/vars endpoint, which exposes the process command line including sensitive startup flags. An attacker can gain unauthorized access to admin-only endpoints by retrieving the admin token and replaying it...

CVSS 9.8, AI score 5.3, EPSS 0.02187
Exploits 1, References 2
NVD
added 2026/04/24 7:17 p.m., 9 views

CVE-2026-41492

Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, Dgraph exposes the process command line through the unauthenticated /debug/vars endpoint on Alpha. Because the admin token is commonly supplied via the --security "token=..." startup flag, an unauthenticated attacker can...

CVSS 9.8, EPSS 0.02187
Exploits 1, References 2
Cvelist
added 2026/04/24 6:29 p.m., 53 views

CVE-2026-41492 Unauthenticated Admin Token Disclosure Leading to Authentication Bypass via /debug/vars in Dgraph

Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, Dgraph exposes the process command line through the unauthenticated /debug/vars endpoint on Alpha. Because the admin token is commonly supplied via the --security "token=..." startup flag, an unauthenticated attacker can...

CVSS 9.8, EPSS 0.02187
Exploits 1, References 2
EUVD
added 2026/04/24 6:29 p.m., 5 views

EUVD-2026-25599

Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, Dgraph exposes the process command line through the unauthenticated /debug/vars endpoint on Alpha. Because the admin token is commonly supplied via the --security "token=..." startup flag, an unauthenticated attacker can...

CVSS 9.8, AI score 5.3, EPSS 0.02187
Exploits 1, References 2