Lucene search
+L

4 matches found

nvd
nvd
added 2026/06/26 5:16 p.m.14 views

CVE-2026-54636

Dokku is a docker-powered PaaS. Prior to 0.38.7, the cron plugin utilizes commands in the app.json file to manage system cron running as the Dokku user. An app.json cron command utilizing special shell characters - including, but not limited to, or ; - can break out of the Docker container and...

9.9CVSS0.00274EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/26 4:23 p.m.7 views

CVE-2026-54636

Dokku is a docker-powered PaaS. Prior to 0.38.7, the cron plugin utilizes commands in the app.json file to manage system cron running as the Dokku user. An app.json cron command utilizing special shell characters - including, but not limited to, or ; - can break out of the Docker container and...

9.9CVSS5.9AI score0.00274EPSS
Exploits0References3Affected Software1
euvd
euvd
added 2026/06/26 4:23 p.m.9 views

EUVD-2026-39806

Dokku is a docker-powered PaaS. Prior to 0.38.7, the cron plugin utilizes commands in the app.json file to manage system cron running as the Dokku user. An app.json cron command utilizing special shell characters - including, but not limited to, or ; - can break out of the Docker container and...

9.9CVSS5.9AI score0.00274EPSS
Exploits0References2
cvelist
cvelist
added 2014/01/02 3:0 p.m.41 views

CVE-2013-6991

Cross-site scripting XSS vulnerability in the WP-Cron Dashboard plugin 1.1.5 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the procname parameter to wp-admin/tools.php...

5.7AI score0.02035EPSS
Exploits4References3
Rows per page
Query Builder