Lucene search
K

5114 matches found

Nuclei
Nuclei
added 9 hours ago205 views

Chuanhu Chat - Directory Traversal

The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its use of an outdated gradio component. The application is designed to restrict user access to resources within the webassets folder. However, the outdated version of gradio it employs is susceptible to pa...

9.8CVSS7AI score0.03757EPSS
Exploits1
Nuclei
Nuclei
added 9 hours ago474 views

Moodle - Cross-Site Scripting/Remote Code Execution

The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system. Moodle versions 4.1.x before 4.1.3 and 4.2.x before...

6.5CVSS6.8AI score0.06583EPSS
Exploits3References5
NVD
NVD
added yesterday7 views

CVE-2026-61504

Rejetto HFS 3.0.0 through 3.2.0 does not escape file names in its fallback "basic" web listing, and this listing can be forced by any browser via the ?get=basic parameter. A user with upload permission - or an anonymous user on servers with an open upload folder - can store a file whose name...

5.4CVSS
Exploits0References2
Vulnrichment
Vulnrichment
added yesterday4 views

CVE-2026-61504 Rejetto HFS < 3.2.1 Stored XSS via File Names in Basic Web Listing

Rejetto HFS 3.0.0 through 3.2.0 does not escape file names in its fallback "basic" web listing, and this listing can be forced by any browser via the ?get=basic parameter. A user with upload permission - or an anonymous user on servers with an open upload folder - can store a file whose name...

5.4CVSS6.1AI score
Exploits0References2
Cvelist
Cvelist
added yesterday21 views

CVE-2026-61504 Rejetto HFS < 3.2.1 Stored XSS via File Names in Basic Web Listing

Rejetto HFS 3.0.0 through 3.2.0 does not escape file names in its fallback "basic" web listing, and this listing can be forced by any browser via the ?get=basic parameter. A user with upload permission - or an anonymous user on servers with an open upload folder - can store a file whose name...

5.4CVSS
Exploits0References2
CVE
CVE
added yesterday10 views

CVE-2026-61504

CVE-2026-61504 affects Rejetto HFS 3.0.0–3.2.0, where the basic web listing does not escape file names and can be forced with the browser parameter ?get=basic. This enables stored XSS: a file with a script in its name can execute in the viewer’s browser when the listing is viewed, potentially by ...

5.4CVSS6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday10 views

Malicious code in pure-folder-three (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e83bf74d7c84c48a1a478d7bb40bbd899c4fda613f1512b66184d3de478b480 [email protected] executes attacker-controlled shell commands on install and on import. The postinstall entry src/build.js decodes an obfuscate...

6.3AI score
Exploits0References2
EUVD
EUVD
added 4 days ago9 views

EUVD-2026-42739

Cotonti Siena 0.9.26 and earlier contains a stored cross-site scripting vulnerability that allows authenticated users with PFS access to inject arbitrary script payloads by supplying malicious HTML in the ntitle parameter processed through the TXT filter in pfs.main.php. Attackers can create a...

5.4CVSS6AI score0.00136EPSS
Exploits0References2
NVD
NVD
added 5 days ago5 views

CVE-2026-58144

Cotonti Siena 0.9.26 and earlier contains a stored cross-site scripting vulnerability that allows authenticated users with PFS access to inject arbitrary script payloads by supplying malicious HTML in the ntitle parameter processed through the TXT filter in pfs.main.php. Attackers can create a...

5.4CVSS0.00136EPSS
Exploits0References1
CVE
CVE
added 5 days ago11 views

CVE-2026-58144

Cotonti Siena

5.4CVSS6AI score0.00136EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-58144

Cotonti Siena 0.9.26 and earlier contains a stored cross-site scripting vulnerability that allows authenticated users with PFS access to inject arbitrary script payloads by supplying malicious HTML in the ntitle parameter processed through the TXT filter in pfs.main.php. Attackers can create a...

5.4CVSS6AI score0.00136EPSS
Exploits0References2
NVD
NVD
added 5 days ago10 views

CVE-2026-14261

A vulnerability in the Xerte Online Tools allows for authentication bypass and remote code execution via reinstallation through the /setup/ folder, enabling attackers to reinstall the service to a remote database they control...

9.1CVSS0.00571EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 5 days ago7 views

CVE-2026-14261 CVE-2026-14261

A vulnerability in the Xerte Online Tools allows for authentication bypass and remote code execution via reinstallation through the /setup/ folder, enabling attackers to reinstall the service to a remote database they control...

6.6AI score0.00571EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 5 days ago10 views

PT-2026-57003

Name of the Vulnerable Software and Affected Versions Cotonti Siena versions prior to 0.9.27 Description Authenticated users with PFS access can perform a stored cross-site scripting attack. This occurs when malicious HTML is supplied via the ntitle parameter, which is processed through the TXT...

5.4CVSS6.1AI score0.00136EPSS
Exploits0References4
CERT
CERT
added 5 days ago5 views

Xerte Online Toolkit contains an authentication bypass that allows for RCE

Overview Two vulnerabilities have been discovered in Xerte Online Toolkits, an open-source e-learning authoring toolsuite intended for the creation of learning materials within a web browser. CVE-2026-14261 tracks the persistence of the /setup/ directory after installation, which allows an...

9.8CVSS6.6AI score0.00571EPSS
Exploits0References5
NVD
NVD
added 6 days ago10 views

CVE-2026-59253

n8n before 2.28.0 contains an improper authorization vulnerability allowing authenticated users to assign workflows to folders in other projects. Attackers can bypass project and folder authorization boundaries by supplying crafted request payloads during workflow creation, causing logical...

5.3CVSS0.00166EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago9 views

EUVD-2026-42268

n8n before 2.28.0 contains an improper authorization vulnerability allowing authenticated users to assign workflows to folders in other projects. Attackers can bypass project and folder authorization boundaries by supplying crafted request payloads during workflow creation, causing logical...

5.3CVSS5.9AI score0.00166EPSS
Exploits0References2
CVE
CVE
added 6 days ago10 views

CVE-2026-59253

n8n before 2.28.0 is affected by an improper authorization vulnerability where authenticated users can assign workflows to folders in other projects. The issue allows bypassing project and folder authorization boundaries by sending crafted payloads during workflow creation, leading to logical int...

5.3CVSS5.9AI score0.00166EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-42166

Incorrect default permissions issue exists in Pupsman versions prior to 3.9.0. An attacker can place a malicious executable in the installation folder, which results in arbitrary code execution with SYSTEM privilege...

8.5CVSS6.5AI score0.0011EPSS
Exploits0References2
CVE
CVE
added 6 days ago15 views

CVE-2026-57895

Pupsman before 3.9.0 has an incorrect default-permissions issue that allows an attacker to drop a malicious executable into the installation folder, enabling arbitrary code execution with SYSTEM privileges. Affected software: Pupsman, versions prior to 3.9.0. Root cause: default permissions misco...

8.5CVSS7.6AI score0.0011EPSS
Exploits0References2
Rows per page
Query Builder