CVE-2026-44012 Craft CMS: Missing Volume Permission Check in AssetsController::actionShowInFolder Allows Information Disclosure
Craft CMS is a content management system (CMS). From 5.0.0-RC1 to before 5.9.18, AssetsController::actionShowInFolder fetches an asset by ID and returns its filename and complete folder hierarchy, including volume handle, volume UID, folder names, folder UIDs, and folder URI paths, without checking...
CVE-2026-32262 Craft CMS has a Path Traversal Vulnerability in AssetsController
Craft CMS is a content management system (CMS). From version 4.0.0-RC1 to before version 4.17.5 and from version 5.0.0-RC1 to before version 5.9.11, the AssetsController-replaceFile method has a targetFilename body parameter that is used unsanitized in a deleteFile call before...
EUVD-2026-12503
Craft CMS has a Path Traversal Vulnerability in AssetsController...
GHSA-472V-J2G4-G9H2 Craft CMS has a Path Traversal Vulnerability in AssetsController
The AssetsController-replaceFile method has a targetFilename body parameter that is used unsanitized in a deleteFile call before Assets::prepareAssetName is applied on save. This allows an authenticated user with replaceFiles permission to delete arbitrary files within the same filesystem root by...
Craft CMS Path Traversal Vulnerability
Craft CMS is an open-source content management system developed by Craft Studio. Versions of Craft CMS from 4.0.0-RC1 to 4.17.5, as well as 5.0.0-RC1 to 5.9.11, contained a path traversal vulnerability. This vulnerability stemmed from the targetFilename parameter in the AssetsController-replaceFi...
Design/Logic Flaw
In Sentrifugo 3.5, the AssetsController::uploadsaveAction function allows an authenticated attacker to upload any file without extension filtering...
CVE-2023-29770
In CVE-2023-29770, Sentrifugo 3.5 is affected by a vulnerability in AssetsController::uploadsaveAction that allows an authenticated attacker to upload arbitrary files without extension filtering, with impact described a...
CVE-2023-29770
In Sentrifugo 3.5, the AssetsController::uploadsaveAction function allows an authenticated attacker to upload any file without extension filtering...
Improper Access Control
snipe/snipe-it is vulnerable to improper access control. The vulnerability exists in the getRequestedIndex function in AssetsController.php due to insufficient permission checks on the assets index, which allows unauthorized users to access the system...
Snipe-IT Cross-Site Scripting Vulnerability
Snipe-IT is an open source IT asset/license management system. Snipe-IT has a cross-site scripting vulnerability that stems from the lack of filtering and escaping of user-submitted data in AssetsController; no further details of the vulnerability are currently available...