CVE-2026-41254

A flaw was found in Little CMS. An integer overflow in the CubeSize function within cmslut.c occurs because the overflow check is performed after the multiplication. An attacker could exploit this vulnerability by providing a specially crafted input, potentially leading to information disclosure ...

PT-2026-33782

A weakness has been identified in Pagekit CMS up to 1.0.18. This issue affects the function evaluate of the file app/modules/view/src/PhpEngine.php of the component StringStorage Template Handler. This manipulation causes improper neutralization of directives in dynamically evaluated code. Remote...

PT-2026-33828

Vvveb CMS v1.0.8 contains a remote code execution vulnerability in its media management functionality where a missing return statement in the file rename handler allows authenticated attackers to rename files to blocked extensions .php or .htaccess. Attackers can exploit this logic flaw by first...

Yifang CMS 安全漏洞

Yifang CMS is a PHP enterprise website development and management system provided by Yifang Corporation. Versions of Yifang CMS 2.0.5 and earlier contained security vulnerabilities. These vulnerabilities were caused by improper handling of the parameter “Account” in the “Extended Management Modul...

ROS-20260420-73-0018

A vulnerability in the CMS message handler of the OpenSSL cryptographic library is related to writing outside buffer boundaries when processing an initialization vector. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by sending specially crafted packets...

CVE-2026-41254

Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...

PT-2026-33837

Vvveb CMS 1.0.8 contains a remote code execution vulnerability in its media upload handler that allows authenticated attackers to execute arbitrary operating system commands by uploading a PHP webshell with a .phtml extension. Attackers can bypass the extension deny-list and upload malicious file...

PT-2026-33771

A vulnerability was determined in Qibo CMS 1.0. Affected by this issue is some unknown functionality of the file /index/image/headers. Executing a manipulation of the argument starts can lead to server-side request forgery. The attack can be launched remotely. The exploit has been publicly...

Qibo CMS 安全漏洞

Qibo CMS is a content management system developed by Qibo CMS Inc., designed for website construction and content publishing. Version 1.0 of Qibo CMS has a security vulnerability, which stems from improper handling of an unknown feature of the Internal Message Module component. This vulnerability...

Vvveb 安全漏洞

Vvveb is a powerful and easy-to-use CMS developed by Givan’s individual developers. It is used to build websites, blogs, or e-commerce stores. Versions of Vvveb prior to 1.0.8.1 contained security vulnerabilities; these vulnerabilities stemmed from cross-site scripting vulnerabilities, which coul...

Qibo CMS 安全漏洞

Qibo CMS is a content management system developed by Qibo CMS Inc., designed for website construction and content publishing. Version 1.0 of Qibo CMS has a security vulnerability. This vulnerability stems from improper handling of parameters “starts” in files, indexes, images, and headers, which...

MetInfo CMS 8.1 XML Endpoint Behavior Analysis Tool

This script is a PHP-based analysis tool designed to interact with MetInfo CMS 8.1 endpoints through an XML-based interface. It uses cURL to send structured requests to a specific MetInfo module endpoint and evaluates the HTTP responses for basic fingerprinting indicators such as known keywords a...

UBUNTU-CVE-2026-41254

Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...

ALPINE-CVE-2026-41254

Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...

CVE-2026-41254

Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...

CVE-2026-41254

Little CMS (lcms2) up to version 2.18 contains an integer overflow in CubeSize within cmslut.c because the overflow check is performed after the multiplication. This is documented across multiple sources (NVD/NIST, CVE-2026-41254; Ubuntu USN-8209-1; Alpine/FreeBSD/Debian advisories). Ubuntu advis...

CVE-2026-41254

Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...

EUVD-2026-23668

Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...

CVE-2026-41254

Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...

CVE-2026-41254

Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...