CVE-2026-48134 SQL injection issue in UserCheck Portal when DLP Software Blade is active

When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This could lead to...

EUVD-2026-30987

CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contain a Stored Cross-Site Scripting XSS vulnerability in the ticket reply notification system. Unsanitized reply content $newmessage is stored directly in database notification payloads and later rendered...

CtrlPanel.gg 跨站脚本漏洞

CtrlPanel.gg is an open-source hosting service billing management tool developed by CtrlPanel.gg. Versions of CtrlPanel.gg 1.1.1 and earlier contained a cross-site scripting vulnerability. This vulnerability stemmed from the fact that the content of responses in the ticket reply system was not...

CVE-2026-41524

Brave CMS is an open-source CMS. Prior to commit 6c56603, page and article body content entered through the CKEditor rich-text editor is stored verbatim in the database and subsequently rendered with Laravel Blade's unescaped output directive !! !!. Any JavaScript or HTML injected by an editor-ro...

CVE-2026-41576

Brave CMS is an open-source CMS. Prior to commit 6c56603, the contact form is publicly accessible no authentication required. User-supplied message text is passed through PHP's nl2br function, which converts newlines to tags but does not escape HTML. The resulting string is then passed to a Blade...

CVE-2026-41576 Ajax30/BraveCMS-2.0: Stored HTML Injection in Contact Email via nl2br() and Unescaped Blade Template

Brave CMS is an open-source CMS. Prior to commit 6c56603, the contact form is publicly accessible no authentication required. User-supplied message text is passed through PHP's nl2br function, which converts newlines to tags but does not escape HTML. The resulting string is then passed to a Blade...

CVE-2026-41576 Ajax30/BraveCMS-2.0: Stored HTML Injection in Contact Email via nl2br() and Unescaped Blade Template

Brave CMS is an open-source CMS. Prior to commit 6c56603, the contact form is publicly accessible no authentication required. User-supplied message text is passed through PHP's nl2br function, which converts newlines to tags but does not escape HTML. The resulting string is then passed to a Blade...

PT-2026-39140

Name of the Vulnerable Software and Affected Versions Brave CMS versions prior to commit 6c56603 Description The contact form is publicly accessible without authentication. User-supplied message text is processed by the nl2br function, which converts newlines to tags but fails to escape HTML. Thi...

CVE-2026-37503

Cross-Site Scripting XSS in V2Board thru 1.7.4. The customhtml field in theme configuration is rendered using Blade unescaped output in public/theme/v2board/dashboard.blade.php. An admin can inject arbitrary JavaScript via the saveThemeConfig API. All site visitors execute the payload, enabling...

PT-2026-36484

Name of the Vulnerable Software and Affected Versions V2Board versions prior to 1.7.5 Description Cross-Site Scripting XSS occurs when the custom html field in the theme configuration is rendered using unescaped Blade output in the 'public/theme/v2board/dashboard.blade.php' file. An administrator...

CVE-2026-7508

Bootstrap CMS 0.9.0-alpha is affected by a code-injection vulnerability in the Page Creation Handler, specifically via the file resources/views/pages/show.blade.php where manipulating the body argument triggers injection. Remote exploitation is possible and an exploit has been published. The proj...

CVE-2026-7508 Bootstrap CMS Page Creation show.blade.php code injection

A vulnerability was found in Bootstrap CMS 0.9.0-alpha. Affected is an unknown function of the file resources/views/pages/show.blade.php of the component Page Creation Handler. Performing a manipulation of the argument body results in code injection. Remote exploitation of the attack is possible...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the /ureport/datasource/testConnection endpoint. An authenticated user can access internal network resources by sending a malicious GET request. Remediation There is no fixed version for...

Bootstrap CMS 注入漏洞

Bootstrap CMS is an open-source content management system based on PHP. The Bootstrap CMS 0.9.0-alpha version has a vulnerability due to an unknown function in the Page Creation Handler component file resources/views/pages/show.blade.php, which allows for code injection when manipulating the body...

PT-2026-36152

A stored cross-site scripting XSS vulnerability in the /api/blade-desk/notice/submit endpoint of SpringBlade v4.8.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted input into the content parameter...

CVE-2026-36763

The CVE-2026-36763 entry describes a stored XSS in SpringBlade v4.8.0, exploitable via the /api/blade-desk/notice/submit endpoint by injecting crafted input into the content parameter. The NVD entry confirms the issue and lists a CVSS v3.1 base score of 6.1 (Medium) with network attack vector, lo...

SpringBlade 跨站脚本漏洞

SpringBlade is a microservices development platform developed by Blade China. Version 4.8.0 of SpringBlade contains a cross-site scripting vulnerability. This vulnerability stems from the /api/blade-desk/notice/submit endpoint, where a stored cross-site script exists. This could allow attackers t...

CVE-2026-33061

Jexactyl is a customisable game management panel and billing system. Commits after 025e8dbb0daaa04054276bda814d922cf4af58da and before e28edb204e80efab628d1241198ea4f079779cfd inject server-side objects into client-side JavaScript through resources/views/templates/wrapper.blade.php. Using unescap...

CVE-2026-33061 Jexactyl has Stored DOM Cross-Site Scripting (XSS) via unescaped JSON in Blade template

Jexactyl is a customisable game management panel and billing system. Commits after 025e8dbb0daaa04054276bda814d922cf4af58da and before e28edb204e80efab628d1241198ea4f079779cfd inject server-side objects into client-side JavaScript through resources/views/templates/wrapper.blade.php. Using unescap...

CVE-2026-33061

exactyl is a customisable game management panel and billing system. Commits after 025e8dbb0daaa04054276bda814d922cf4af58da and before e28edb204e80efab628d1241198ea4f079779cfd inject server-side objects into client-side JavaScript through resources/views/templates/wrapper.blade.php. Using unescape...