2 matches found
CVE-2025-61586 FreshRSS is vulnerable to directory enumeration by setting path in its theme field
FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and below are vulnerable to directory enumeration by setting path in theme field, allowing attackers to gain additional information about the server by checking if certain directories exist. This issue is fixed in version 1.27.0...
CVE-2022-32366
Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/fields/viewfield.php?id=...