24 matches found

RedhatCVE
added 2026/05/28 8:13 p.m. · 6 views

CVE-2026-9712

When creating an export through the pretix API, API clients are returned a UUID value for their export job, a long, random string like 35742818-c375-4d15-839f-d49aecce94d6. Using this UUID, the API client can then request the actual file for download. The same kind of UUID is used in other places...

CVSS 7 · AI score 5.8 · EPSS 0.00043
Exploits 0 · References 1

ATTACKERKB
added 2026/05/27 2:35 p.m. · 7 views

CVE-2026-9712

When creating an export through the pretix API, API clients are returned a UUID value for their export job, a long, random string like 35742818-c375-4d15-839f-d49aecce94d6. Using this UUID, the API client can then request the actual file for download. The same kind of UUID is used in other places...

CVSS 7 · AI score 5.8 · EPSS 0.00043
Exploits 0 · References 2 · Affected Software 1

CVE
added 2026/05/27 2:35 p.m. · 14 views

CVE-2026-9712

CVE-2026-9712 concerns the pretix API where exporting creates a UUID for the export job and later a download request uses that UUID. The root cause is that one API endpoint did not verify that the download UUID actually corresponds to a file that is downloadable and belongs to the correct user. T...

CVSS 7 · AI score 5.8 · EPSS 0.00043
Exploits 0 · References 1

Positive Technologies
added 2026/05/27 12:00 a.m. · 9 views

PT-2026-44034

When creating an export through the pretix API, API clients are returned a UUID value for their export job, a long, random string like 35742818-c375-4d15-839f-d49aecce94d6. Using this UUID, the API client can then request the actual file for download. The same kind of UUID is used in other places...

CVSS 7 · AI score 5.8 · EPSS 0.00043
Exploits 0 · References 2

Snyk
added 2026/03/26 6:35 p.m. · 3 views

Incorrect Permission Assignment for Critical Resource

Overview: Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource in the mmctl export download process. An attacker can gain unauthorized access to sensitive data by reading the bulk export file created with overly permissive file permissions...

CVSS 5.5 · AI score 5.9 · EPSS 0.00005
Exploits 0 · References 2

Vulnrichment
added 2026/03/26 4:18 p.m. · 0 views

CVE-2026-3113 mmctl export download command doesn’t restrict permissions to created file to file owner

Mattermost versions 11.4.x = 11.4.0, 11.3.x = 11.3.1, 11.2.x = 11.2.3, 10.11.x = 10.11.11 fail to set permissions on the downloaded bulk export, which allows other local users on the server to read the contents of the bulk export. Mattermost Advisory ID: MMSA-2026-00593...

CVSS 5 · AI score 5.8 · EPSS 0.00005
Exploits 0 · References 1

NVD
added 2026/02/18 1:16 p.m. · 3 views

CVE-2026-1582

The WP All Export plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.14 via the export download endpoint. This is due to a PHP type juggling vulnerability in the security token comparison which uses loose comparison == instead of strict...

CVSS 3.7 · EPSS 0.00094
Exploits 0 · References 3

Cvelist
added 2026/02/18 12:28 p.m. · 21 views

CVE-2026-1582 WP All Export <= 1.4.14 - Unauthenticated Sensitive Information Exposure via PHP Type Juggling

The WP All Export plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.14 via the export download endpoint. This is due to a PHP type juggling vulnerability in the security token comparison which uses loose comparison == instead of strict...

CVSS 3.7 · EPSS 0.00094
Exploits 0 · References 3

CVE
added 2026/02/18 12:28 p.m. · 8 views

CVE-2026-1582

The vulnerability CVE-2026-1582 affects the WordPress plugin WP All Export up to version 1.4.14. A PHP type juggling flaw in the security token comparison (loose ==) allows an unauthenticated attacker to bypass authentication via “magic hash” values when the MD5 prefix matches the pattern ^0e\d+...

CVSS 3.7 · AI score 5.6 · EPSS 0.00094
Exploits 0 · References 3

Positive Technologies
added 2026/02/18 12:00 a.m. · 3 views

PT-2026-20386

The WP All Export plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.14 via the export download endpoint. This is due to a PHP type juggling vulnerability in the security token comparison which uses loose comparison == instead of strict...

CVSS 3.7 · AI score 5.6 · EPSS 0.00094
Exploits 0 · References 4

Positive Technologies
added 2026/02/09 12:00 a.m. · 3 views

PT-2026-7068

A flaw has been found in rachelos WeRSS we-mp-rss up to 1.4.8. Impacted is the function download export file of the file apis/tools.py. Executing a manipulation of the argument filename can lead to path traversal. The attack can be launched remotely. The exploit has been published and may be used...

CVSS 5.3 · AI score 5.2 · EPSS 0.00057
Exploits 0 · References 5

EUVD
added 2025/10/03 8:07 p.m. · 2 views

EUVD-2024-54914

Malicious code in bioql PyPI...

CVSS 5.3 · AI score 6.6 · EPSS 0.00031
Exploits 0 · References 2

OpenVAS
added 2025/08/27 12:00 a.m. · 2 views

Mahara < 23.04.9, 24.04.5 Multiple Vulnerabilities

Mahara is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:mahara:mahara"; if description...

CVSS 8.8 · AI score 7.8 · EPSS 0.00087
Exploits 0 · References 1

NVD
added 2025/08/26 9:15 p.m. · 1 view

CVE-2024-47192

An issue was discovered in Mahara 23.04.8 and 24.04.4. The use of a malicious export download URL can allow an attacker to download files that they do not have permission to download...

CVSS 5.3 · EPSS 0.00031
Exploits 0 · References 2

Positive Technologies
added 2025/08/26 12:00 a.m. · 2 views

PT-2025-34813 · Mahara · Mahara

Name of the Vulnerable Software and Affected Versions: Mahara versions 23.04.8 and 24.04.4. Description: An issue allows an attacker to download files without proper authorization by using a malicious export download URL. Recommendations: Update to a newer version that contains a fix for this issu...

CVSS 5.3 · AI score 7.2 · EPSS 0.00031
Exploits 0 · References 6

Cvelist
added 2025/08/26 12:00 a.m. · 3 views

CVE-2024-47192

An issue was discovered in Mahara 23.04.8 and 24.04.4. The use of a malicious export download URL can allow an attacker to download files that they do not have permission to download...

EPSS 0.00031
Exploits 0 · References 2

Positive Technologies
added 2025/01/17 12:00 a.m. · 2 views

PT-2025-2135 · WordPress · Sandbox

Name of the Vulnerable Software and Affected Versions: The Sandbox plugin for WordPress, versions up to, and including, 0.4. Description: The issue arises from a missing capability check on the export download action, allowing authenticated attackers with Subscriber-level access and above to downlo...

CVSS 6.5 · AI score 9.2 · EPSS 0.00843
Exploits 0 · References 6

Veracode
added 2024/08/13 3:43 a.m. · 12 views

Path Traversal

Filament Excel is vulnerable to Path Traversal. The vulnerability is due to improper validation of file paths in the export download route '/filament-excel/path', allowing the use of ../ to navigate directories and access unauthorized files...

CVSS 7.5 · AI score 6.7 · EPSS 0.00738
Exploits 0 · References 2 · Affected Software 1

Github Security Blog
added 2024/08/12 6:36 p.m. · 16 views

Filament Excel Vulnerable to Path Traversal Attack on Export Download Endpoint

Impact: The export download route /filament-excel/path allowed downloading any file without login when the webserver allows ../ in the URL. Patches: Patched with version v2.3.3. Credits: Thanks to Kevin Pohl for reporting this...

CVSS 7.5 · AI score 6.8 · EPSS 0.00738
Exploits 0 · References 6 · Affected Software 1

OSV
added 2024/08/12 6:36 p.m. · 14 views

GHSA-M3PX-VJXR-FX4M Filament Excel Vulnerable to Path Traversal Attack on Export Download Endpoint

Impact: The export download route /filament-excel/path allowed downloading any file without login when the webserver allows ../ in the URL. Patches: Patched with version v2.3.3. Credits: Thanks to Kevin Pohl for reporting this...

CVSS 8.7 · AI score 7.4 · EPSS 0.00738
Exploits 0 · References 6