43687 matches found
CVE-2026-22594
Ghost is a Node.js content management system. In versions 5.105.0 through 5.130.5 and 6.0.0 through 6.10.3, a vulnerability in Ghost's 2FA mechanism allows staff users to skip email 2FA. This issue has been patched in versions 5.130.6 and 6.11.0...
CVE-2022-50939
CVE-2022-50939 (e107 CMS 3.2.1) affects the Media Manager’s remote URL upload (image.php) in the admin interface. The upload_caption parameter is not properly sanitized, allowing an authenticated administrator to use directory traversal (../../../) to overwrite arbitrary files outside the intende...
CVE-2022-50937 Ametys CMS v4.4.1 - Cross Site Scripting (XSS)
Ametys CMS v4.4.1 contains a persistent cross-site scripting vulnerability in the link directory's input fields for external links. Attackers can inject malicious script code in link text and descriptions to execute persistent attacks that compromise user sessions and manipulate application modul...
CVE-2022-50936 WBCE CMS 1.5.2 - Remote Code Execution (RCE) (Authenticated)
WBCE CMS version 1.5.2 contains an authenticated remote code execution vulnerability that allows attackers to upload malicious droplets through the admin panel. Authenticated attackers can exploit the droplet upload functionality in the admin tools to create and execute arbitrary PHP code by...
CVE-2022-50937 Ametys CMS v4.4.1 - Cross Site Scripting (XSS)
Ametys CMS v4.4.1 contains a persistent cross-site scripting vulnerability in the link directory's input fields for external links. Attackers can inject malicious script code in link text and descriptions to execute persistent attacks that compromise user sessions and manipulate application modul...
CVE-2022-50937
Ametys CMS v4.4.1 contains a persistent cross-site scripting (XSS) vulnerability in the link directory’s input fields for external links. An attacker can inject script into link text and descriptions, enabling persistent attacks that can compromise user sessions and manipulate application modules...
CVE-2022-50936
WBCE CMS 1.5.2 is affected by an authenticated remote code execution vulnerability in the admin panel’s droplet upload functionality. Authenticated attackers can craft a zip payload to upload a malicious droplet, enabling arbitrary PHP code execution on the server. This aligns with multiple sourc...
CVE-2022-50916
CVE-2022-50916 affects e107 CMS v3.2.1. A file upload vulnerability in the Media Manager import functionality allows authenticated administrators to override server files by manipulating the upload URL parameter, potentially overwriting files like top.php in the web application directory. Publicl...
CVE-2022-50907 e107 CMS v3.2.1 - Admin Upload Restriction Bypass + RCE
e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrative users to bypass upload restrictions and execute PHP files. Attackers can upload malicious PHP files to parent directories by manipulating the upload URL parameter, enabling remote code execution...
CVE-2022-50907 e107 CMS v3.2.1 - Admin Upload Restriction Bypass + RCE
e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrative users to bypass upload restrictions and execute PHP files. Attackers can upload malicious PHP files to parent directories by manipulating the upload URL parameter, enabling remote code execution...
CVE-2022-50907
Affected software: e107 CMS 3.2.1. Issue: a file upload restriction bypass in the Media Manager import flow allows authenticated admin users to upload PHP files outside restricted locations, enabling remote code execution. Root cause: manipulation of the upload URL parameter enables placing malic...
CVE-2022-50905
CVE-2022-50905 affects e107 CMS v3.2.1. The issues: (1) a reflected XSS in the news comment flow, where an authenticated user can inject JavaScript via a URL parameter that executes when they click outside the comment field; (2) an upload restriction bypass for authenticated administrators that e...
CVE-2022-50895 Aero CMS 0.0.1 - SQL Injection
Aero CMS 0.0.1 contains a SQL injection vulnerability in the author parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, time-based, and UNION query techniques to extract sensitive database information and potentially compromise the...
CVE-2022-50895
Aero CMS 0.0.1 is affected by a SQL injection in the author parameter. The vulnerability allows attackers to manipulate SQL queries using boolean-based, error-based, time-based, and UNION techniques to extract sensitive data and potentially compromise the system. Affected component: author parame...
CVE-2022-50895 Aero CMS 0.0.1 - SQL Injection
Aero CMS 0.0.1 contains a SQL injection vulnerability in the author parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, time-based, and UNION query techniques to extract sensitive database information and potentially compromise the...
TYPO3 CMS Allows Broken Access Control in Recycler Module
Problem Backend users who had access to the recycler module could delete arbitrary data from any database table defined in the TCA - regardless of whether they had permission to that particular table. This allowed attackers to purge and destroy critical site data, effectively rendering the websit...
GHSA-6C46-P6J5-3F49 TYPO3 CMS Allows Broken Access Control in Redirects Module
Problem Backend users with access to the redirects module and write permission on the sysredirect table were able to read, create, and modify any redirect record - without restriction to the user’s own file‑mounts or web‑mounts. This allowed attackers to insert or alter redirects pointing to...
GHSA-5J7Q-WMH7-CQHG TYPO3 CMS Allows Broken Access Control in Edit Document Controller
Problem By exploiting the defVals parameter, attackers could bypass field‑level access checks during record creation in the TYPO3 backend. This gave them the ability to insert arbitrary data into prohibited exclude fields of a database table for which the user already has write permission for a...
Astra Linux – Vulnerability in OpenSSL
Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData messages with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing a Denial of Service, or potentially remote code execution. When parsing CMS...
Deserialization of Untrusted Data
Overview typo3/cms-core is a free open source enterprise content management system. Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to deserialization of files without any class restrictions. A local attacker can execute arbitrary PHP code by crafting a...