CVE-2026-42590

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.30.0, The ExifTool metadata write blocklist in Gotenberg can be bypassed using ExifTool's group-prefix syntax, enabling arbitrary file rename, move, hardlink, and symlink creation on the server. ExifTool supports group-prefix...

CVE-2026-40281 Gotenberg vulnerable to argument injection via newlines in ExifTool metadata values

Gotenberg is a Docker-powered stateless API for PDF files. In versions 8.30.1 and earlier, the metadata write endpoint validates metadata keys for control characters but leaves metadata values unsanitized. A newline character in a metadata value splits the ExifTool stdin line into two separate...

CVE-2026-34414

Xerte Online Toolkits versions 3.15 and earlier contain a relative path traversal vulnerability in the elFinder connector endpoint at /editor/elfinder/php/connector.php where the name parameter in rename commands is not sanitized for path traversal sequences. Attackers can supply a name value...

CVE-2026-34414

CVE-2026-34414 affects Xerte Online Toolkits versions ≤ 3.15. A relative path traversal vulnerability exists in the elFinder connector endpoint at /editor/elfinder/php/connector.php, where the name parameter in rename commands is not sanitized for path traversal sequences. An attacker can supply ...

CVE-2026-34414

Xerte Online Toolkits versions 3.15 and earlier contain a relative path traversal vulnerability in the elFinder connector endpoint at /editor/elfinder/php/connector.php where the name parameter in rename commands is not sanitized for path traversal sequences. Attackers can supply a name value...

Xerte Online Toolkits 路径遍历漏洞

Xerte Online Toolkits is an online learning content creation platform provided by British company Xerte. Versions of Xerte Online Toolkits 3.15 and earlier contained a path traversal vulnerability. This vulnerability stemmed from the elFinder connector in the /editor/elfinder/php/connector.php...

CVE-2026-4347

The MW WP Form plugin for WordPress is vulnerable to arbitrary file moving due to insufficient file path validation via the 'generateuserfilepath' function and the 'movetempfiletouploaddir' function in all versions up to, and including, 5.1.0. This makes it possible for unauthenticated attackers ...

EUVD-2026-18124

The MW WP Form plugin for WordPress is vulnerable to arbitrary file moving due to insufficient file path validation via the 'generateuserfilepath' function and the 'movetempfiletouploaddir' function in all versions up to, and including, 5.1.0. This makes it possible for unauthenticated attackers ...

WordPress plugin MW WP Form 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

PT-2026-29681

Name of the Vulnerable Software and Affected Versions MW WP Form plugin for WordPress versions up to and including 5.1.0 Description The MW WP Form plugin for WordPress is susceptible to arbitrary file movement due to inadequate file path validation through the generate user filepath function and...

EUVD-2025-35929

The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to arbitrary file move due to insufficient file path validation in the addlistingaction AJAX action in all versions up to, and including, 8.4.8. This makes it possible for...

Naver Cloud Explorer Privilege Mobilization Vulnerability

Naver Cloud Explorer is a browser for accessing cloud files in Naver by Naver Korea. A security vulnerability exists in Naver Cloud Explorer versions prior to 2.2.2.11. An attacker can exploit the vulnerability to move local files with system privileges...