54 matches found
CouchCMS 安全漏洞
CouchCMS is an open-source content management system CMS designed for designers. CouchCMS has a security vulnerability that stems from improper authorization verification. This vulnerability could allow authenticated administrator users to create super-administrator accounts by manipulating...
CVE-2025-67004
Disputed An Information Disclosure vulnerability in CouchCMS 2.4 allow an Admin user to read arbitrary files via traversing directories back after back. It can Disclosure the source code or any other confidential information if weaponize accordingly. NOTE: A community member states that this is n...
CVE-2025-67004
Disputed An Information Disclosure vulnerability in CouchCMS 2.4 allow an Admin user to read arbitrary files via traversing directories back after back. It can Disclosure the source code or any other confidential information if weaponize accordingly. NOTE: A community member states that this is n...
CVE-2025-67004
Disputed An Information Disclosure vulnerability in CouchCMS 2.4 allow an Admin user to read arbitrary files via traversing directories back after back. It can Disclosure the source code or any other confidential information if weaponize accordingly. NOTE: A community member states that this is n...
CVE-2025-67004
Disputed An Information Disclosure vulnerability in CouchCMS 2.4 allow an Admin user to read arbitrary files via traversing directories back after back. It can Disclosure the source code or any other confidential information if weaponize accordingly. NOTE: A community member states that this is n...
CVE-2025-67004
CouchCMS 2.4 has a reported information-disclosure vulnerability where an Admin can read arbitrary files via directory traversal. Affected component/condition: CouchCMS 2.4; impact is confidentiality (C:H) with no impact on integrity or availability per sources. Root cause is described as a direc...
CouchCMS 安全漏洞
CouchCMS is an open source content management system CMS for designers from CouchCMS Open Source. A security vulnerability exists in CouchCMS version 2.4, which stems from directory traversal and could lead to information disclosure...
CVE-2025-67004
Disputed An Information Disclosure vulnerability in CouchCMS 2.4 allow an Admin user to read arbitrary files via traversing directories back after back. It can Disclosure the source code or any other confidential information if weaponize accordingly. NOTE: A community member states that this is n...
CVE-2025-67004
Disputed An Information Disclosure vulnerability in CouchCMS 2.4 allow an Admin user to read arbitrary files via traversing directories back after back. It can Disclosure the source code or any other confidential information if weaponize accordingly. NOTE: A community member states that this is n...
PT-2026-1868
Name of the Vulnerable Software and Affected Versions CouchCMS version 2.4 Description An information disclosure issue exists in CouchCMS version 2.4. An administrator user can potentially read arbitrary files by traversing directories. This could lead to the disclosure of source code or other...
CVE-2025-15005
A security flaw has been discovered in CouchCMS up to 2.4. Affected is an unknown function of the file couch/config.example.php of the component reCAPTCHA Handler. The manipulation of the argument KRECAPTCHASITEKEY/KRECAPTCHASECRETKEY results in use of hard-coded cryptographic key . It is possibl...
CVE-2025-15005 CouchCMS reCAPTCHA config.example.php hard-coded key
A security flaw has been discovered in CouchCMS up to 2.4. Affected is an unknown function of the file couch/config.example.php of the component reCAPTCHA Handler. The manipulation of the argument KRECAPTCHASITEKEY/KRECAPTCHASECRETKEY results in use of hard-coded cryptographic key . It is possibl...
CVE-2025-15005 CouchCMS reCAPTCHA config.example.php hard-coded key
A security flaw has been discovered in CouchCMS up to 2.4. Affected is an unknown function of the file couch/config.example.php of the component reCAPTCHA Handler. The manipulation of the argument KRECAPTCHASITEKEY/KRECAPTCHASECRETKEY results in use of hard-coded cryptographic key . It is possibl...
EUVD-2025-204679
A security flaw has been discovered in CouchCMS up to 2.4. Affected is an unknown function of the file couch/config.example.php of the component reCAPTCHA Handler. The manipulation of the argument KRECAPTCHASITEKEY/KRECAPTCHASECRETKEY results in use of hard-coded cryptographic key . It is possibl...
CVE-2025-15005
A security flaw has been discovered in CouchCMS up to 2.4. Affected is an unknown function of the file couch/config.example.php of the component reCAPTCHA Handler. The manipulation of the argument KRECAPTCHASITEKEY/KRECAPTCHASECRETKEY results in use of hard-coded cryptographic key . It is possibl...
CVE-2025-15005
CVE-2025-15005 affects CouchCMS up to 2.4. The vulnerability is in the reCAPTCHA Handler, specifically the couch/config.example.php file; manipulating K_RECAPTCHA_SITE_KEY/K_RECAPTCHA_SECRET_KEY can lead to use of a hard-coded cryptographic key. It is remotely exploitable, with high complexity, a...
PT-2025-52618
Name of the Vulnerable Software and Affected Versions CouchCMS versions up to 2.4 Description A security issue exists in CouchCMS related to the reCAPTCHA Handler component. The issue resides in an unknown function within the couch/config.example.php file. Manipulation of the arguments K RECAPTCH...
Webzyme CouchCMS 安全漏洞
Webzyme CouchCMS is a content management system from Webzyme India. A security vulnerability exists in Webzyme CouchCMS 2.4 and earlier versions, which stems from the use of hard-coded encryption keys in the file couch/config.example.php in the component reCAPTCHA Handler, which could lead to a...
EUVD-2023-46103
Malicious code in bioql PyPI...
CVE-2023-41609
An open redirect vulnerability in the sanitizeurl parameter of CouchCMS v2.3 allows attackers to redirect a victim user to an arbitrary web site via a crafted URL...