Lucene search
K

107 matches found

Nuclei
Nuclei
added yesterday55 views

Cockpit CMS 0.6.1 - Remote Code Execution

Cockpit before 0.6.1 allows an attacker to inject custom PHP code and achieve Remote Command Execution via registerCriteriaFunction in lib/MongoLite/Database.php, as demonstrated by values in JSON data to the /auth/check or /auth/requestreset URI. id: CVE-2020-35131 info: name: Cockpit CMS 0.6.1 ...

9.8CVSS7.3AI score0.51299EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2 days ago9 views

CVE-2026-58467

A flaw was found in Cockpit CMS. This vulnerability, a path traversal and local file inclusion, allows an unauthenticated attacker to read arbitrary files or execute PHP files. By manipulating the URL, an attacker can bypass security checks and access restricted directories. This could lead to...

8.2CVSS6.3AI score0.0042EPSS
Exploits0References6
NVD
NVD
added 6 days ago7 views

CVE-2026-58467

Cockpit CMS through 2.14.0 contains a path traversal and local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files or execute PHP files by including unvalidated PATHINFO derived from REQUESTURI in filesystem path construction without containment checks...

8.2CVSS0.0042EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago10 views

EUVD-2026-41436

Cockpit CMS before release 364 contains a path traversal and local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files or execute PHP files by including unvalidated PATHINFO derived from REQUESTURI in filesystem path construction without containment checks...

8.2CVSS6AI score0.0042EPSS
Exploits0References3
CVE
CVE
added 6 days ago18 views

CVE-2026-58467

Cockpit CMS prior to release 364 is affected by a path traversal and local file inclusion vulnerability. Unauthenticated attackers can craft a request (via the URL’s PATH_INFO in REQUEST_URI) to reach arbitrary files; if the resolved path ends with .php, it may be passed to include(), enabling lo...

8.2CVSS6.1AI score0.0042EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 6 days ago5 views

CVE-2026-58467

Cockpit CMS through 2.14.0 contains a path traversal and local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files or execute PHP files by including unvalidated PATHINFO derived from REQUESTURI in filesystem path construction without containment checks...

8.2CVSS6.1AI score0.0042EPSS
Exploits0References5
NVD
NVD
added 2026/06/29 6:16 a.m.9 views

CVE-2026-13533

A security vulnerability has been detected in agentejo Cockpit CMS up to 0.12.2. Affected by this issue is the function Spyc::YAMLLoad of the file /config/config.yaml of the component htaccess Handler. Such manipulation leads to files or directories accessible. It is possible to launch the attack...

6.9CVSS0.00286EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/29 4:0 a.m.8 views

EUVD-2026-40030

A security vulnerability has been detected in agentejo Cockpit CMS up to 0.12.2. Affected by this issue is the function Spyc::YAMLLoad of the file /config/config.yaml of the component htaccess Handler. Such manipulation leads to files or directories accessible. It is possible to launch the attack...

6.9CVSS5.6AI score0.00286EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/29 4:0 a.m.8 views

CVE-2026-13533

A security vulnerability has been detected in agentejo Cockpit CMS up to 0.12.2. Affected by this issue is the function Spyc::YAMLLoad of the file /config/config.yaml of the component htaccess Handler. Such manipulation leads to files or directories accessible. It is possible to launch the attack...

6.9CVSS5.6AI score0.00286EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/06/29 4:0 a.m.33 views

CVE-2026-13533 agentejo Cockpit CMS htaccess config.yaml YAMLLoad file access

A security vulnerability has been detected in agentejo Cockpit CMS up to 0.12.2. Affected by this issue is the function Spyc::YAMLLoad of the file /config/config.yaml of the component htaccess Handler. Such manipulation leads to files or directories accessible. It is possible to launch the attack...

6.9CVSS0.00286EPSS
Exploits0References5
OSV
OSV
added 2026/05/15 6:30 p.m.5 views

GHSA-CH4J-VCF5-58X5 Cockpit CMS: Stored cross-site scripting vulnerability in the Set field type's Display template option

Cockpit CMS through version 2.14.0, patched in commit 72a83fc, contains a stored cross-site scripting vulnerability in the Set field type's Display template option, where the template string is processed by the $interpolate function using new Function and rendered via Vue's v-html directive witho...

5.4CVSS5.8AI score0.00138EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/15 6:30 p.m.14 views

Cockpit CMS: Stored cross-site scripting vulnerability in the Set field type's Display template option

Cockpit CMS through version 2.14.0, patched in commit 72a83fc, contains a stored cross-site scripting vulnerability in the Set field type's Display template option, where the template string is processed by the $interpolate function using new Function and rendered via Vue's v-html directive witho...

5.4CVSS5.8AI score0.00138EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/15 4:33 p.m.6 views

CVE-2026-23695

Cockpit CMS through version 2.14.0, patched in commit 72a83fc, contains a stored cross-site scripting vulnerability in the Set field type's Display template option, where the template string is processed by the $interpolate function using new Function and rendered via Vue's v-html directive witho...

5.4CVSS5.8AI score0.00138EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/15 4:33 p.m.8 views

CVE-2026-23695 Cockpit CMS 2.14.0 Stored XSS via Set Field Display Template

Cockpit CMS through version 2.14.0, patched in commit 72a83fc, contains a stored cross-site scripting vulnerability in the Set field type's Display template option, where the template string is processed by the $interpolate function using new Function and rendered via Vue's v-html directive witho...

5.4CVSS5.8AI score0.00138EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/15 4:33 p.m.68 views

CVE-2026-23695 Cockpit CMS 2.14.0 Stored XSS via Set Field Display Template

Cockpit CMS through version 2.14.0, patched in commit 72a83fc, contains a stored cross-site scripting vulnerability in the Set field type's Display template option, where the template string is processed by the $interpolate function using new Function and rendered via Vue's v-html directive witho...

5.4CVSS0.00138EPSS
Exploits0References2
CVE
CVE
added 2026/05/15 4:33 p.m.22 views

CVE-2026-23695

Cockpit CMS

5.4CVSS5.8AI score0.00138EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.13 views

PT-2026-41318

Cockpit CMS through version 2.14.0, patched in commit 72a83fc, contains a stored cross-site scripting vulnerability in the Set field type's Display template option, where the template string is processed by the $interpolate function using new Function and rendered via Vue's v-html directive witho...

5.4CVSS5.8AI score0.00138EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.13 views

Cockpit CMS 跨站脚本漏洞

Cockpit CMS is an open-source headless content management system developed by Cockpit. Versions of Cockpit CMS 2.14.0 and earlier had a cross-site scripting vulnerability. This vulnerability stemmed from the use of the $interpolate function in template strings within the Display template options,...

5.4CVSS5.8AI score0.00138EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/01 8:48 p.m.7 views

CVE-2026-34965

Cockpit CMS contains an authenticated remote code execution vulnerability in the /cockpit/collections/savecollection endpoint that allows authenticated attackers with collection management privileges to inject arbitrary PHP code into collection rules parameters. Attackers can inject malicious PHP...

8.8CVSS6.5AI score0.00825EPSS
Exploits0References1
NVD
NVD
added 2026/04/29 8:16 p.m.11 views

CVE-2026-34965

Cockpit CMS contains an authenticated remote code execution vulnerability in the /cockpit/collections/savecollection endpoint that allows authenticated attackers with collection management privileges to inject arbitrary PHP code into collection rules parameters. Attackers can inject malicious PHP...

8.8CVSS0.00825EPSS
Exploits0References4
Rows per page
Query Builder