Lucene search
K

54 matches found

CNNVD
CNNVD
added 2026/04/10 12:0 a.m.9 views

CouchCMS 安全漏洞

CouchCMS is an open-source content management system CMS designed for designers. CouchCMS has a security vulnerability that stems from improper authorization verification. This vulnerability could allow authenticated administrator users to create super-administrator accounts by manipulating...

8.6CVSS5.8AI score0.00427EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/10 5:41 a.m.8 views

CVE-2025-67004

Disputed An Information Disclosure vulnerability in CouchCMS 2.4 allow an Admin user to read arbitrary files via traversing directories back after back. It can Disclosure the source code or any other confidential information if weaponize accordingly. NOTE: A community member states that this is n...

6.5CVSS5.9AI score0.05559EPSS
Exploits1References1
NVD
NVD
added 2026/01/09 5:15 p.m.7 views

CVE-2025-67004

Disputed An Information Disclosure vulnerability in CouchCMS 2.4 allow an Admin user to read arbitrary files via traversing directories back after back. It can Disclosure the source code or any other confidential information if weaponize accordingly. NOTE: A community member states that this is n...

6.5CVSS0.05559EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/01/09 12:0 a.m.21 views

CVE-2025-67004

Disputed An Information Disclosure vulnerability in CouchCMS 2.4 allow an Admin user to read arbitrary files via traversing directories back after back. It can Disclosure the source code or any other confidential information if weaponize accordingly. NOTE: A community member states that this is n...

0.05559EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/01/09 12:0 a.m.4 views

CVE-2025-67004

Disputed An Information Disclosure vulnerability in CouchCMS 2.4 allow an Admin user to read arbitrary files via traversing directories back after back. It can Disclosure the source code or any other confidential information if weaponize accordingly. NOTE: A community member states that this is n...

6.5CVSS6AI score0.05559EPSS
Exploits1References4
CVE
CVE
added 2026/01/09 12:0 a.m.26 views

CVE-2025-67004

CouchCMS 2.4 has a reported information-disclosure vulnerability where an Admin can read arbitrary files via directory traversal. Affected component/condition: CouchCMS 2.4; impact is confidentiality (C:H) with no impact on integrity or availability per sources. Root cause is described as a direc...

6.5CVSS5.9AI score0.05559EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/01/09 12:0 a.m.5 views

CouchCMS 安全漏洞

CouchCMS is an open source content management system CMS for designers from CouchCMS Open Source. A security vulnerability exists in CouchCMS version 2.4, which stems from directory traversal and could lead to information disclosure...

6.5CVSS6.4AI score0.05559EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/01/09 12:0 a.m.5 views

CVE-2025-67004

Disputed An Information Disclosure vulnerability in CouchCMS 2.4 allow an Admin user to read arbitrary files via traversing directories back after back. It can Disclosure the source code or any other confidential information if weaponize accordingly. NOTE: A community member states that this is n...

5.9AI score0.05559EPSS
Exploits1References3
OSV
OSV
added 2026/01/09 12:0 a.m.6 views

CVE-2025-67004

Disputed An Information Disclosure vulnerability in CouchCMS 2.4 allow an Admin user to read arbitrary files via traversing directories back after back. It can Disclosure the source code or any other confidential information if weaponize accordingly. NOTE: A community member states that this is n...

6.5CVSS5.9AI score0.05559EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/01/09 12:0 a.m.11 views

PT-2026-1868

Name of the Vulnerable Software and Affected Versions CouchCMS version 2.4 Description An information disclosure issue exists in CouchCMS version 2.4. An administrator user can potentially read arbitrary files by traversing directories. This could lead to the disclosure of source code or other...

6.5CVSS6.2AI score0.05559EPSS
Exploits1References6
NVD
NVD
added 2025/12/22 1:16 a.m.6 views

CVE-2025-15005

A security flaw has been discovered in CouchCMS up to 2.4. Affected is an unknown function of the file couch/config.example.php of the component reCAPTCHA Handler. The manipulation of the argument KRECAPTCHASITEKEY/KRECAPTCHASECRETKEY results in use of hard-coded cryptographic key . It is possibl...

6.3CVSS0.00397EPSS
Exploits1References5
OSV
OSV
added 2025/12/22 12:32 a.m.6 views

CVE-2025-15005 CouchCMS reCAPTCHA config.example.php hard-coded key

A security flaw has been discovered in CouchCMS up to 2.4. Affected is an unknown function of the file couch/config.example.php of the component reCAPTCHA Handler. The manipulation of the argument KRECAPTCHASITEKEY/KRECAPTCHASECRETKEY results in use of hard-coded cryptographic key . It is possibl...

6.3CVSS5.1AI score0.00397EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2025/12/22 12:32 a.m.4 views

CVE-2025-15005 CouchCMS reCAPTCHA config.example.php hard-coded key

A security flaw has been discovered in CouchCMS up to 2.4. Affected is an unknown function of the file couch/config.example.php of the component reCAPTCHA Handler. The manipulation of the argument KRECAPTCHASITEKEY/KRECAPTCHASECRETKEY results in use of hard-coded cryptographic key . It is possibl...

6.3CVSS4.2AI score0.00397EPSS
Exploits1References5
EUVD
EUVD
added 2025/12/22 12:32 a.m.7 views

EUVD-2025-204679

A security flaw has been discovered in CouchCMS up to 2.4. Affected is an unknown function of the file couch/config.example.php of the component reCAPTCHA Handler. The manipulation of the argument KRECAPTCHASITEKEY/KRECAPTCHASECRETKEY results in use of hard-coded cryptographic key . It is possibl...

6.3CVSS6.1AI score0.00397EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2025/12/22 12:32 a.m.4 views

CVE-2025-15005

A security flaw has been discovered in CouchCMS up to 2.4. Affected is an unknown function of the file couch/config.example.php of the component reCAPTCHA Handler. The manipulation of the argument KRECAPTCHASITEKEY/KRECAPTCHASECRETKEY results in use of hard-coded cryptographic key . It is possibl...

6.3CVSS4.5AI score0.00397EPSS
Exploits1References5
CVE
CVE
added 2025/12/22 12:32 a.m.18 views

CVE-2025-15005

CVE-2025-15005 affects CouchCMS up to 2.4. The vulnerability is in the reCAPTCHA Handler, specifically the couch/config.example.php file; manipulating K_RECAPTCHA_SITE_KEY/K_RECAPTCHA_SECRET_KEY can lead to use of a hard-coded cryptographic key. It is remotely exploitable, with high complexity, a...

6.3CVSS4.2AI score0.00397EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/22 12:0 a.m.7 views

PT-2025-52618

Name of the Vulnerable Software and Affected Versions CouchCMS versions up to 2.4 Description A security issue exists in CouchCMS related to the reCAPTCHA Handler component. The issue resides in an unknown function within the couch/config.example.php file. Manipulation of the arguments K RECAPTCH...

6.3CVSS6AI score0.00397EPSS
Exploits1References12
CNNVD
CNNVD
added 2025/12/22 12:0 a.m.5 views

Webzyme CouchCMS 安全漏洞

Webzyme CouchCMS is a content management system from Webzyme India. A security vulnerability exists in Webzyme CouchCMS 2.4 and earlier versions, which stems from the use of hard-coded encryption keys in the file couch/config.example.php in the component reCAPTCHA Handler, which could lead to a...

6.3CVSS4.7AI score0.00397EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-46103

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00358EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:17 a.m.10 views

CVE-2023-41609

An open redirect vulnerability in the sanitizeurl parameter of CouchCMS v2.3 allows attackers to redirect a victim user to an arbitrary web site via a crafted URL...

6.1CVSS6.6AI score0.00358EPSS
Exploits1
Rows per page
Query Builder