932 matches found
CVE-2026-38615
CVE-2026-38615 affects DedeCMS v5.7.118 with a command execution vulnerability in file_manage_control.php. Public sources confirm the issue but do not provide detailed exploitation steps or concrete remediation in the supplied documents. The CVSSv3.1 metrics indicate a high-severity, network-expl...
DesDev DedeCMS 安全漏洞
DesDev DedeCMS is an open-source content management system CMS developed by DesDev Corporation in China. It is built using PHP. This system offers functions such as content publishing, content management, content editing, and content retrieval. Version 5.7.118 of DesDev DedeCMS contains a securit...
CVE-2025-70842
A Stored Cross-Site Scripting XSS vulnerability was discovered in the File Management module of FluentCMS 1.2.3. The flaw allows an authenticated administrator to upload crafted SVG files containing malicious JavaScript code. Once uploaded, the script executes in the browser of any user who...
Concrete CMS 跨站请求伪造漏洞
Concrete CMS is an open-source content management system designed for teams. Versions of Concrete CMS prior to 9.5.0 had a cross-site request forgeing vulnerability. This vulnerability stems from the function concrete/controllers/backend/file addFavoriteFolder$id, which is vulnerable to cross-sit...
CVE-2026-28733 filemanagement_storage_service has an use after free vulnerability
in OpenHarmony v6.0 and prior versions allow a local attacker arbitrary code execution...
CVE-2026-28733
The CVE-2026-28733 entry concerns a use-after-free vulnerability in the OpenHarmony filemanagement_storage_service affecting OpenHarmony v6.0 and earlier. The weakness enables a local attacker to achieve arbitrary code execution, as described in the CVE entry. The provided metrics indicate a medi...
CVE-2026-25850 filemanagement_storage_service has an improper preservation of permissions vulnerability
in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak...
CVE-2026-25850
CVE-2026-25850 concerns OpenHarmony, affecting v6.0 and earlier, where the component filemanagement_storage_service improperly preserves permissions. The result is a local attacker can cause an information leak. The CVSS score is 5.5 (Medium); vectors: Local access, low attack complexity, low pri...
CVE-2026-28751 filemanagement_storage_service has an improper input validation vulnerability
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS...
CVE-2026-28751
Technical details about CVE-2026-28751 are not publicly provided in the supplied documents; please monitor for updates.
CVE-2026-28751 filemanagement_storage_service has an improper input validation vulnerability
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS...
EUVD-2025-209787
A Stored Cross-Site Scripting XSS vulnerability was discovered in the File Management module of FluentCMS 1.2.3. The flaw allows an authenticated administrator to upload crafted SVG files containing malicious JavaScript code. Once uploaded, the script executes in the browser of any user who...
CVE-2025-70842
A Stored Cross-Site Scripting XSS vulnerability was discovered in the File Management module of FluentCMS 1.2.3. The flaw allows an authenticated administrator to upload crafted SVG files containing malicious JavaScript code. Once uploaded, the script executes in the browser of any user who...
CVE-2025-70842
A Stored Cross-Site Scripting XSS vulnerability was discovered in the File Management module of FluentCMS 1.2.3. The flaw allows an authenticated administrator to upload crafted SVG files containing malicious JavaScript code. Once uploaded, the script executes in the browser of any user who...
CVE-2025-70842
A Stored Cross-Site Scripting XSS vulnerability was discovered in the File Management module of FluentCMS 1.2.3. The flaw allows an authenticated administrator to upload crafted SVG files containing malicious JavaScript code. Once uploaded, the script executes in the browser of any user who...
FluentCMS 跨站脚本漏洞
FluentCMS is an open-source content management system developed by FluentCMS. Version 1.2.3 of FluentCMS has a cross-site scripting vulnerability. This vulnerability stems from a storage-based cross-site script in the file management module. It allows authenticated administrators to upload...
PT-2026-40033
A Stored Cross-Site Scripting XSS vulnerability was discovered in the File Management module of FluentCMS 1.2.3. The flaw allows an authenticated administrator to upload crafted SVG files containing malicious JavaScript code. Once uploaded, the script executes in the browser of any user who...
CVE-2025-70842
A Stored Cross-Site Scripting XSS vulnerability was discovered in the File Management module of FluentCMS 1.2.3. The flaw allows an authenticated administrator to upload crafted SVG files containing malicious JavaScript code. Once uploaded, the script executes in the browser of any user who...
CVE-2025-70842
FluentCMS 1.2.3 is affected in its File Management module by a Stored XSS vulnerability. An authenticated administrator can upload crafted SVG files containing malicious JavaScript, and the injected script executes in the browser of any user who accesses the direct URL to the image, including una...
CloudStorageHunter-Pro
🔥 CloudStorageHunter-Pro 🚀 Ultimate Cloud Storage Security...