Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.10 views

CVE-2026-42845

The form plugin for Grav adds the ability to create and use forms. Prior to 9.1.0 , there is an unauthenticated page-content overwrite via file upload GHSA-w4rc-p66m-x6qq. Public form uploads now strip path components from the POST-supplied filename and hard-block page-content extensions md, yaml...

8.7CVSS5.5AI score0.00622EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/11 3:44 p.m.6 views

CVE-2026-42845

The form plugin for Grav adds the ability to create and use forms. Prior to 9.1.0 , there is an unauthenticated page-content overwrite via file upload GHSA-w4rc-p66m-x6qq. Public form uploads now strip path components from the POST-supplied filename and hard-block page-content extensions md, yaml...

8.7CVSS5.8AI score0.00622EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/05/27 12:0 a.m.3 views

PT-2024-40472 · Silverstripe · Silverstripe

Name of the Vulnerable Software and Affected Versions: SilverStripe 4 affected versions not specified Description: The issue concerns potentially dangerous file types in the File.allowed extensions configuration, which could allow a malicious CMS user to upload files that get executed in the...

8.8CVSS7AI score
Exploits0References5
CNNVD
CNNVD
added 2021/10/22 12:0 a.m.17 views

SuiteCRM 代码问题漏洞

SuiteCRM is a customer relationship management system from the SuiteCRM Suitecrm team. A security vulnerability exists in SuiteCRM that stems from SuiteCRM prior to 7.11.19 that allows remote code execution to be set via the system settings log file name. An attacker can exploit the vulnerability...

9CVSS8.7AI score0.58945EPSS
Exploits5References8
Rows per page
Query Builder