Lucene search
K

583 matches found

NVD
NVD
added 2026/06/25 7:16 p.m.9 views

CVE-2026-54096

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.7, POST /api/share/ accepts an authenticated request for an arbitrary path and stores a public share record without checking whether the target fi...

8.4CVSS0.00175EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.10 views

PT-2026-48753

Trying to download the hotfix for 81.20 hotfix T141 via https://support.checkpoint.com/results/download/143620 for some sick reason this is behind an account login that i do not have access to. wondering if anyone here could provide it, pretty innocuous ask i think...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/21 3:21 p.m.12 views

Malicious code in veteran-proxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2528c02db9bcb4016a3347fdfae55c037c0462d6c0d29adb4245605424ad31f On npm install, the postinstall hook node install.js downloads a platform-specific binary archive from a hardcoded...

6.3AI score
Exploits0References1
OSV
OSV
added 2026/05/21 3:21 p.m.19 views

MAL-2026-4704 Malicious code in veteran-proxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2528c02db9bcb4016a3347fdfae55c037c0462d6c0d29adb4245605424ad31f On npm install, the postinstall hook node install.js downloads a platform-specific binary archive from a hardcoded...

6.3AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.19 views

PT-2026-39882

Name of the Vulnerable Software and Affected Versions MantisBT affected versions not specified Description An attacker can bypass the Content Security Policy CSP script-src directive by uploading a crafted attachment to an issue. When this attachment is accessed via the 'file download.php'...

7.6CVSS5.9AI score0.00498EPSS
Exploits0References8
CVE
CVE
added 2026/05/02 5:29 a.m.16 views

CVE-2026-6812

The CVE-2026-6812 entry concerns the Ona theme for WordPress. A Server-Side Request Forgery (SSRF) is possible in all versions up to and including 1.26 via ona_activate_child_theme, enabling authenticated attackers with administrator-level access to make outbound requests from the web application...

4.4CVSS5.9AI score0.0025EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/02 5:29 a.m.31 views

CVE-2026-6812 Ona <= 1.26 - Authenticated (Administrator+) Blind Server-Side Request Forgery via 'download_link' Parameter

The Ona theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.26 via the onaactivatechildtheme. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests to arbitrary locations originating...

4.4CVSS0.0025EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/02 5:29 a.m.5 views

CVE-2026-6812 Ona <= 1.26 - Authenticated (Administrator+) Blind Server-Side Request Forgery via 'download_link' Parameter

The Ona theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.26 via the onaactivatechildtheme. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests to arbitrary locations originating...

4.4CVSS5.9AI score0.0025EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.10 views

Bagisto 代码问题漏洞

Bagisto is an open-source e-commerce framework developed by Webkul Software in India. Versions of Bagisto 2.3.15 and earlier contained code vulnerabilities. These vulnerabilities stemmed from improper handling of the copy function in the Downloadable Link Handler component, which could lead to...

6.5CVSS6.7AI score0.00201EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/04/19 6:22 a.m.96 views

Exploit for Code Injection in Agentfront Enclave

CVE-2026-27597 - version Remote Code Execution Quick Usage...

10CVSS6.5AI score0.00878EPSS
Exploits2
Github Security Blog
Github Security Blog
added 2026/04/14 11:23 p.m.12 views

WWBN AVideo has an Incomplete fix: Directory traversal bypass via query string in ReceiveImage downloadURL parameters

Summary The directory traversal fix introduced in commit 2375eb5e0 for objects/aVideoEncoderReceiveImage.json.php only checks the URL path component via parseurl$url, PHPURLPATH for .. sequences. However, the downstream function trygetcontentsfromlocal in objects/functionsFile.php uses...

6.5CVSS5.9AI score0.00718EPSS
Exploits1References6Affected Software1
EUVD
EUVD
added 2026/04/14 12:31 a.m.5 views

EUVD-2026-22120

A vulnerability was identified in HummerRisk up to 1.5.0. This vulnerability affects the function ServerService.addServer of the file ServerService.java of the component Video File Download URL Handler. Such manipulation of the argument streamIp leads to server-side request forgery. It is possibl...

5.8CVSS5.5AI score0.00218EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/07 7:26 p.m.1 views

CVE-2026-39370 WWBN AVideo has an Allowlisted downloadURL media extensions bypass SSRF protection and enable internal response exfiltration (Incomplete fix for CVE-2026-27732)

WWBN AVideo is an open source video platform. In versions 26.0 and prior, objects/aVideoEncoder.json.php still allows attacker-controlled downloadURL values with common media or archive extensions such as .mp4, .mp3, .zip, .jpg, .png, .gif, and .webm to bypass SSRF validation. The server then...

7.1CVSS5.9AI score0.00206EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.6 views

WWBN AVideo 代码问题漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 26.0 contained code vulnerabilities. These vulnerabilities stemmed from incomplete verification of server-side requests for the downloadURL value, allowing authenticated uploader...

7.1CVSS5.9AI score0.00206EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/27 10:12 p.m.26 views

CVE-2026-33992 pyLoad: Server-Side Request Forgery via Download Link Submission Enables Cloud Metadata Exfiltration

pyLoad is a free and open-source download manager written in Python. Prior to version 0.5.0b3.dev97, PyLoad's download engine accepts arbitrary URLs without validation, enabling Server-Side Request Forgery SSRF attacks. An authenticated attacker can exploit this to access internal network service...

9.3CVSS0.00397EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/27 6:0 p.m.5 views

EUVD-2026-16886

pyLoad: Server-Side Request Forgery via Download Link Submission Enables Cloud Metadata Exfiltration...

9.3CVSS5.8AI score0.00397EPSS
Exploits1References2
OSV
OSV
added 2026/03/09 7:48 p.m.7 views

GHSA-525J-95GF-766F FileBrowser Quantum: Password-Protected Share Bypass via /public/api/share/info

Summary The remediation for CVE-2026-27611 appears incomplete. Password protected shares still disclose tokenized downloadURL via /public/api/share/info in docker image gtstef/filebrowser:1.3.1-webdav-2. Details The issue stems from two flaws: 1. Tokenized download URLs are written into the...

7.5CVSS5.7AI score0.00544EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/06 12:0 a.m.8 views

PT-2026-23663

Name of the Vulnerable Software and Affected Versions AWS Lambda affected versions not specified Description A flaw exists where certificate verification can lead to a program crash. This occurs when a certificate within a chain lacks a DNS name while another certificate in the same chain has...

9.8CVSS5.8AI score0.0035EPSS
Exploits0References458
NVD
NVD
added 2026/02/27 9:16 a.m.8 views

CVE-2026-2251

Improper limitation of a pathname to a restricted directory Path Traversal vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7. Please consider upgrading to FreeFlow Core version 8.1.0 vi...

9.8CVSS0.0039EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/25 4:2 p.m.5 views

CVE-2026-3189 feiyuchuixue sz-boot-parent download server-side request forgery

A weakness has been identified in feiyuchuixue sz-boot-parent up to 1.3.2-beta. This vulnerability affects unknown code of the file /api/admin/common/files/download. Executing a manipulation of the argument url can lead to server-side request forgery. The attack can be executed remotely. Attacks ...

3.1CVSS5AI score0.00212EPSS
Exploits0References7
Rows per page
Query Builder