Craft CMS has a potential information disclosure vulnerability in preview tokens

Summary Craft CMS has a CSRF issue in the preview token endpoint at /actions/preview/create-token. The endpoint accepts an attacker-supplied previewToken. Because the action does not require POST and does not enforce a CSRF token, an attacker can force a logged-in victim editor to mint a preview...

CVE-2026-30944

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.0, the /studiocmsapi/dashboard/api-tokens endpoint allows any authenticated user at least Editor to generate API tokens for any other user, including owner and admin accounts. The endpoint fails to...

CVE-2026-30945

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.0, the DELETE /studiocmsapi/dashboard/api-tokens endpoint allows any authenticated user with editor privileges or above to revoke API tokens belonging to any other user, including admin and owner...

CVE-2026-30945 StudioCMS: IDOR — Arbitrary API Token Revocation Leading to Denial of Service

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.0, the DELETE /studiocmsapi/dashboard/api-tokens endpoint allows any authenticated user with editor privileges or above to revoke API tokens belonging to any other user, including admin and owner...

CVE-2026-30944 StudioCMS Affected by Privilege Escalation via Insecure API Token Generation

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.0, the /studiocmsapi/dashboard/api-tokens endpoint allows any authenticated user at least Editor to generate API tokens for any other user, including owner and admin accounts. The endpoint fails to...

CVE-2026-30944

CVE-2026-30944 affects StudioCMS prior to 0.4.0. The vulnerability resides in the /studiocms_api/dashboard/api-tokens endpoint, where any authenticated user (at least Editor) can generate API tokens for any target user, bypassing authorization checks to create tokens on behalf of others. This lea...

CVE-2026-3818

A flaw has been found in Tiandy Easy7 CMS Windows 7.17.0. Impacted is an unknown function of the file /Easy7/apps/WebService/GetDBData.jsp. This manipulation of the argument strTBName causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used. The...

EUVD-2026-10362

Camaleon CMS versions 2.4.5.0 through 2.9.0, prior to commit f54a77e, contain a path traversal vulnerability in the AWS S3 uploader implementation that allows authenticated users to read arbitrary files from the web server’s filesystem. The issue occurs in the downloadprivatefile functionality wh...

EUVD-2026-10361

Camaleon CMS versions 2.4.5.0 through 2.9.0, prior to commit f54a77e, contain a path traversal vulnerability in the AWS S3 uploader implementation that allows authenticated users to read arbitrary files from the web server’s filesystem. The issue occurs in the downloadprivatefile functionality wh...

GHSA-JW5G-F64P-6X78 Camaleon CMS vulnerable to Path Traversal through AWS S3 uploader implementation

Camaleon CMS versions 2.4.5.0 through 2.9.1, prior to commit f54a77e, contain a path traversal vulnerability in the AWS S3 uploader implementation that allows authenticated users to read arbitrary files from the web server’s filesystem. The issue occurs in the downloadprivatefile functionality wh...

Camaleon CMS vulnerable to Path Traversal through AWS S3 uploader implementation

Camaleon CMS versions 2.4.5.0 through 2.9.1, prior to commit f54a77e, contain a path traversal vulnerability in the AWS S3 uploader implementation that allows authenticated users to read arbitrary files from the web server’s filesystem. The issue occurs in the downloadprivatefile functionality wh...

CVE-2026-1776

Camaleon CMS versions 2.4.5.0 through 2.9.0, prior to commit f54a77e, contain a path traversal vulnerability in the AWS S3 uploader implementation that allows authenticated users to read arbitrary files from the web server’s filesystem. The issue occurs in the downloadprivatefile functionality wh...

CVE-2026-1776

Camaleon CMS versions 2.4.5.0 through 2.9.0, prior to commit f54a77e, contain a path traversal vulnerability in the AWS S3 uploader implementation that allows authenticated users to read arbitrary files from the web server’s filesystem. The issue occurs in the downloadprivatefile functionality wh...

PT-2026-24619

Summary The /studiocms api/dashboard/api-tokens endpoint allows any authenticated user at least Editor to generate API tokens for any other user, including owner and admin accounts. The endpoint fails to validate whether the requesting user is authorized to create tokens on behalf of the target...

Craft Commerce 跨站脚本漏洞

Craft Commerce is an e-commerce platform developed under the open-source Craft CMS framework. Versions of Craft Commerce prior to 5.5.3 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper HTML escaping during the rendering of the Name field on the Commerce...

Umbraco 安全漏洞

Umbraco is an open-source content management system CMS written in C by the Danish company Umbraco. Versions of Umbraco from 14.0.0 to 16.5.1, as well as versions before 17.2.2, have security vulnerabilities. These vulnerabilities stem from insufficient authorization for backend API endpoints,...

PT-2026-24403

Craft is a content management system CMS. Prior to 4.17.4 and 5.9.7, Craft CMS has a CSRF issue in the preview token endpoint at /actions/preview/create-token. The endpoint accepts an attacker-supplied previewToken. Because the action does not require POST and does not enforce a CSRF token, an...

PT-2026-24638

Summary Craft CMS has a CSRF issue in the preview token endpoint at /actions/preview/create-token. The endpoint accepts an attacker-supplied previewToken. Because the action does not require POST and does not enforce a CSRF token, an attacker can force a logged-in victim editor to mint a preview...

PT-2026-24253

Name of the Vulnerable Software and Affected Versions StudioCMS versions prior to 0.4.0 Description StudioCMS is a server-side-rendered, Astro native, headless content management system. The DELETE /studiocms api/dashboard/api-tokens API endpoint, before version 0.4.0, allows authenticated users...

PT-2026-24402

GetSimple CMS is a content management system. The massiveAdmin plugin v6.0.3 bundled with GetSimpleCMS-CE v3.3.22 allows an authenticated administrator to overwrite the gsconfig.php configuration file with arbitrary PHP code via the gsconfig editor module. The form lacks CSRF protection, enabling...