5 matches found

Cvelist
added 2026/06/05 7:18 p.m., 27 views

CVE-2026-46401 HAX CMS PHP has Insufficient Session Expiration

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Versions prior to 26.0.0 suffer from an improper session termination vulnerability where authentication tokens remain valid after user logout. This allows attackers who obtain valid tokens to maintain persistent access to...

5.3 CVSS, 0.00311 EPSS
Exploits 0, References 1
CVE
added 2026/06/05 6:24 p.m., 30 views

CVE-2026-46393

The CVE-2026-46393 entry documents an authenticated SSRF in HAXcms createSite. In affected versions prior to 26.0.0, a malicious build.files input lets an authenticated user cause server-side requests (via file_get_contents on attacker-controlled tmp_name), enabling fetches of arbitrary internal/...

7.1 CVSS, 5.6 AI score, 0.00238 EPSS
Exploits 0, References 1
CNNVD
added 2026/06/05 12:0 a.m., 8 views

HAXCMS Cross-Site Scripting Vulnerability

HAXCMS is an open-source content management system developed by HAX The Web. Versions of HAXCMS prior to 26.0.0 had a cross-site scripting vulnerability. This vulnerability stemmed from improper cleaning of iframe elements, which could allow attackers to execute arbitrary JavaScript in the victim...

9.3 CVSS, 5.5 AI score, 0.0023 EPSS
Exploits 0, References 2
Tenable Nessus
added 2026/06/03 12:0 a.m., 126 views

pyOpenSSL 22.0.x < 26.0.0 Buffer Overflow

The version of pyOpenSSL installed on the remote host is prior to 26.0.0. It is, therefore, affected by a buffer overflow vulnerability: - pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user provided callback to...

9.8 CVSS, 5.5 AI score, 0.00704 EPSS
Exploits 0, References 3
Tenable Nessus
added 2026/03/18 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-27459

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user provided callback to...

9.8 CVSS, 5.9 AI score, 0.00704 EPSS
Exploits 0, References 2