Lucene search
K

475 matches found

Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-55590 CakePHP: Open redirect weakness via backslash bypass

CakePHP Authentication is an authentication plugin for CakePHP that can also be used in PSR-7 based applications. Prior to 2.11.1, 3.3.6, and 4.1.1, the getLoginRedirect method contains a weakness to backslash bypasses that allows redirect targets with attacker-controlled hostnames through the...

5.1CVSS0.00578EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 5 days ago6 views

CVE-2026-55590

CakePHP Authentication is an authentication plugin for CakePHP that can also be used in PSR-7 based applications. Prior to 2.11.1, 3.3.6, and 4.1.1, the getLoginRedirect method contains a weakness to backslash bypasses that allows redirect targets with attacker-controlled hostnames through the...

5.1CVSS5.9AI score0.00578EPSS
Exploits0References11Affected Software1
CVE
CVE
added 5 days ago28 views

CVE-2026-55590

The CVE-2026-55590 entry concerns the CakePHP Authentication plugin (CakePHP, PSR-7 compatible) with a backslash bypass in getLoginRedirect() that enables open redirects to attacker-controlled hostnames through the redirect query parameter. Affected versions: prior to 2.11.1, 3.3.6, and 4.1.1. Th...

6.1CVSS5.9AI score0.00578EPSS
Exploits0References10Affected Software1
CVE
CVE
added 2026/07/03 8:19 p.m.30 views

CVE-2026-25779

Gitea is affected up to version 1.25.4 by an open redirect in redirect_to caused by using raw or encoded backslashes in the redirect_to parameter; the root cause is improper validation in modules/httplib/url.go, allowing directory traversal sequences to bypass validation. Impacts include phishing...

6.1CVSS5.9AI score0.00248EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/03 8:19 p.m.37 views

CVE-2026-25779 Gitea redirect handling permits open redirects through backslash paths

Gitea versions up to and including 1.25.4 allow redirect bypasses through raw or percent-encoded backslashes in redirectto values...

0.00248EPSS
Exploits0References5
OSV
OSV
added 2026/07/03 8:19 p.m.2 views

CVE-2026-25779 Gitea redirect handling permits open redirects through backslash paths

Gitea versions up to and including 1.25.4 allow redirect bypasses through raw or percent-encoded backslashes in redirectto values...

6.1CVSS5.9AI score0.00248EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.12 views

PT-2026-54444

Name of the Vulnerable Software and Affected Versions probod versions prior to 0.194.1 Description The saferedirect package in go.probo.inc/probo fails to properly validate redirect URLs used in authentication flows, such as OIDC, SAML, session transfer, OAuth connectors, and trust-center magic...

4.7CVSS6AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.9 views

PT-2026-52980

Name of the Vulnerable Software and Affected Versions Kestra versions prior to 1.0.45 Kestra versions prior to 1.3.23 Description The local internal-storage backend fails to properly validate user-supplied paths because it checks for directory traversal sequences before converting Windows-style...

7.7CVSS5.9AI score0.00386EPSS
Exploits1References8
CVE
CVE
added 2026/06/23 5:50 p.m.16 views

CVE-2026-52844

CVE-2026-52844 describes a Windows-specific path handling bug in Caddy prior to 2.11.4 where path matchers do not normalize backslashes, causing a request like /private%5csecret.txt to bypass path-scoped auth and reach the protected file, e.g., /private/*, through file_server. The issue is exploi...

7.5CVSS5.9AI score0.00409EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/06/22 6:22 p.m.58 views

CVE-2026-53779 WebP Server Go < 0.15.0 Path Traversal via Backslash Encoding on Windows

WebP Server Go through 0.14.4 contains a path traversal vulnerability on Windows that allows unauthenticated attackers to read files outside the configured IMGPATH directory by sending requests with percent-encoded backslashes %5C that bypass the path.Clean sanitization in handler/router.go...

8.7CVSS0.00408EPSS
Exploits0References3
NVD
NVD
added 2026/06/22 6:16 p.m.15 views

CVE-2026-54286

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.25, on Windows hosts, an encoded backslash %5C in the request path decodes to , which the Windows path resolver treats as a separator. serve-static then resolves a single URL segment such as...

5.9CVSS0.00292EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 5:14 p.m.6 views

CVE-2026-54286

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.25, on Windows hosts, an encoded backslash %5C in the request path decodes to , which the Windows path resolver treats as a separator. serve-static then resolves a single URL segment such as...

5.9CVSS5.8AI score0.00292EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/22 5:14 p.m.31 views

CVE-2026-54286

CVE-2026-54286 concerns Hono’s path traversal in the Windows environment via encoded backslash (%5C) in the request path. A prior issue (pre-4.12.25) causes %5C to decode to a backslash, which Windows path resolution treats as a separator, allowing a crafted URL segment (e.g., admin\secret.txt) t...

5.9CVSS5.8AI score0.00292EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 5:14 p.m.36 views

CVE-2026-54286 Hono: Path traversal in `serve-static` on Windows via encoded backslash (`%5C`)

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.25, on Windows hosts, an encoded backslash %5C in the request path decodes to , which the Windows path resolver treats as a separator. serve-static then resolves a single URL segment such as...

5.9CVSS0.00292EPSS
Exploits0References1
OSV
OSV
added 2026/06/19 9:16 p.m.8 views

GHSA-M999-J542-5W3R Open Redirect Bypass in miniflux-v2

Summary The URL restrictions in miniflux-v2 can be bypassed by attackers, leading to an open redirect vulnerability. Details Normally, the redirect URL needs to be validated using IsRelativePath. There are some security measures in place, such as requiring relative paths, prohibiting host and...

5.1CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/17 6:52 p.m.4 views

Open Redirect

Overview Affected versions of this package are vulnerable to Open Redirect in the getLoginRedirect function. An attacker can redirect users to an attacker-controlled hostname by exploiting a backslash bypass in the redirect target. Remediation Upgrade cakephp/authentication to version 3.3.6, 4.1....

6.1CVSS5.8AI score0.00578EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/17 6:52 p.m.15 views

CakePHP Authentication: Open redirect weakness via backslash bypass

Impact The getLoginRedirect method contains a weakness to backslash bypasses allowing redirect targets with attacker controlled hostnames. Patches 3.3.6 and 4.1.1 contain a fix for this issue. Workarounds If you are unable to upgrade, you should consider adding application validation to the...

6.1CVSS5.3AI score0.00578EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/17 6:10 p.m.11 views

Gitea: Open Redirect via redirect_to

Details Despite the validation within urlIsRelative in modules/httplib/url.go, an open redirect is still possible due to usage of directory traversal sequences plus a back-slash in the "redirectto" parameter. PoC When a user uses this URL to login:...

6.1CVSS5.3AI score0.00248EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/17 6:10 p.m.3 views

GHSA-J5R2-4C8J-XC3M Gitea: Open Redirect via redirect_to

Details Despite the validation within urlIsRelative in modules/httplib/url.go, an open redirect is still possible due to usage of directory traversal sequences plus a back-slash in the "redirectto" parameter. PoC When a user uses this URL to login:...

5.1CVSS5.4AI score0.00248EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/17 6:10 p.m.4 views

Open Redirect

Overview Affected versions of this package are vulnerable to Open Redirect via the redirectto parameter when directory traversal sequences and a backslash are used. An attacker can redirect users to arbitrary external sites by crafting a malicious URL, potentially leading to phishing, token theft...

6.1CVSS6.1AI score0.00248EPSS
Exploits0References2
Rows per page
Query Builder