Cotonti: Cross-Site Request Forgery in the Personal File Storage (PFS) module

Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to Cross-Site Request Forgery in the Personal File Storage PFS module. In modules/pfs/inc/pfs.main.php, the file upload action 'a=upload' processes uploaded files without calling cotcheckxg to validate the anti-CSRF token, even though...

Cotonti: Cross-Site Request Forgery in the administration rights handler

Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to Cross-Site Request Forgery in the administration rights handler. In system/admin/admin.rights.php, the rights update action 'a=update' modifies group access rights including via cotauthaddgroup without calling cotcheckxg to validate th...

GHSA-WX35-CV59-9GWR Cotonti: Cross-Site Request Forgery in the Personal File Storage (PFS) module

Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to Cross-Site Request Forgery in the Personal File Storage PFS module. In modules/pfs/inc/pfs.main.php, the file upload action 'a=upload' processes uploaded files without calling cotcheckxg to validate the anti-CSRF token, even though...

GHSA-7G3P-35VC-MGJR Cotonti: Cross-Site Request Forgery in the administration rights handler

Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to Cross-Site Request Forgery in the administration rights handler. In system/admin/admin.rights.php, the rights update action 'a=update' modifies group access rights including via cotauthaddgroup without calling cotcheckxg to validate th...

CVE-2026-40033

A flaw was found in FreeRDP.If a user connects to a malicious Remote Desktop RDP server, a security flaw in FreeRDP could cause the application to crash or allow the server to run unauthorized code on the user's system. Mitigation To mitigate this issue, users should avoid connecting to untrusted...

Apache HugeGraph-Server <1.5.0 - Authentication Bypass

Apache HugeGraph-Server versions prior to 1.5.0 contain an authentication bypass vulnerability caused by assumed-immutable data. This flaw allows attackers to bypass authentication mechanisms without requiring specific privileges or user interaction. id: CVE-2024-43441 info: name: Apache...

Microweber < 1.2.11 - CRLF Injection

CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11. id: CVE-2022-0666 info: name: Microweber 1.2.11 - CRLF Injection author: ritikchaddha severity: high description: | CRLF Injection leads to Sta...

Totaljs <3.2.3 - Local File Inclusion

Total.js Platform before 3.2.3 is vulnerable to local file inclusion. id: CVE-2019-8903 info: name: Totaljs 3.2.3 - Local File Inclusion author: madrobot severity: high description: Total.js Platform before 3.2.3 is vulnerable to local file inclusion. impact: | An attacker can exploit this...

Webmin < 1.920 - Authenticated Remote Code Execution

rpc.cgi in Webmin through 1.920 allows authenticated Remote Code Execution via a crafted object name because unserialisevariable makes an eval call. NOTE: the WebminServersIndex documentation states "RPC can be used to run any command or modify any file on a server, which is why access to it must...

Gogs (Go Git Service) - SQL Injection

Multiple SQL injection vulnerabilities in Gogs aka Go Git Service 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to 1 api/v1/repos/search, which is not properly handled in models/repo.go, or 2 api/v1/users/search, which is...

Vendure - Arbitrary File Read

Vendure is an open-source headless commerce platform. Prior to versions 3.0.5 and 2.3.3, a vulnerability in Vendure's asset server plugin allows an attacker to craft a request which is able to traverse the server file system and retrieve the contents of arbitrary files, including sensitive data...

Mosparo < 1.0.2 - Open Redirect

Open Redirect in GitHub repository mosparo/mosparo prior to 1.0.2. id: CVE-2023-5375 info: name: Mosparo 1.0.2 - Open Redirect author: shankaracharya severity: medium description: | Open Redirect in GitHub repository mosparo/mosparo prior to 1.0.2. impact: | Unauthenticated attackers can exploit...

Rudder Server < 1.3.0-rc.1 - SQL Injection

Rudder-server is part of RudderStack, an open source Customer Data Platform CDP. Versions of rudder-server prior to 1.3.0-rc.1 are vulnerable to SQL injection. This issue may lead to Remote Code Execution RCE due to the rudder role in PostgresSQL having superuser permissions by default. Version...

Docassemble - Local File Inclusion

Docassemble is an expert system for guided interviews and document assembly. The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. The vulnerability has been patched in version 1.4.97 of the mast...

404 to 301 <= 2.0.2 - Authenticated Blind SQL Injection

The 404 to 301 – Redirect, Log and Notify 404 Errors WordPress plugin was affected by an Authenticated Blind SQL Injection security vulnerability. id: CVE-2015-9323 info: name: 404 to 301 = 2.0.2 - Authenticated Blind SQL Injection author: Harsh severity: critical description: | The 404 to 301 –...

Traccar - Unrestricted File Upload

Traccar is an open source GPS tracking system. Versions prior to 6.0 are vulnerable to path traversal and unrestricted upload of file with dangerous type. Since the system allows registration by default, attackers can acquire ordinary user permissions by registering an account and exploit this...

phpMyAdmin < 5.0.3 - SQL Injection

phpMyAdmin before 4.9.6 and 5.x before 5.0.3 contains a SQL injection caused by improper processing of SQL statements in the search feature, letting attackers inject malicious SQL, exploit requires crafted search input. id: CVE-2020-26935 info: name: phpMyAdmin 5.0.3 - SQL Injection author: 0xAko...

GLPI plugin Barcode < 2.6.1 - Path Traversal Vulnerability.

Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability. id: CVE-2021-43778 info: name: GLPI plugin Barcode 2.6.1 - Path Traversal Vulnerability. author:...

Openemr < 7.0.0.1 - Cross-Site Scripting

Cross-site Scripting XSS - Reflected in GitHub repository openemr/openemr prior to 7.0.0.1. id: CVE-2022-2733 info: name: Openemr 7.0.0.1 - Cross-Site Scripting author: ctflearner severity: medium description: | Cross-site Scripting XSS - Reflected in GitHub repository openemr/openemr prior to...

Grafana 8.0.0 <= v.8.2.2 - Angularjs Rendering Cross-Site Scripting

Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the...