Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2026/03/07 7:59 a.m.6 views

CVE-2026-28507

Idno is a social publishing platform. Prior to version 1.6.4, there is a remote code execution vulnerability via chained import file write and template path traversal. This issue has been patched in version 1.6.4...

8.6CVSS6.3AI score0.00673EPSS
Exploits1References1
NVD
NVDadded 2026/03/06 5:16 a.m.6 views

CVE-2026-28507

Idno is a social publishing platform. Prior to version 1.6.4, there is a remote code execution vulnerability via chained import file write and template path traversal. This issue has been patched in version 1.6.4...

8.6CVSS0.00673EPSS
Exploits1References2
OSV
OSVadded 2026/03/06 4:13 a.m.2 views

CVE-2026-28508 Idno: Unauthenticated SSRF via URL Unfurl Endpoint

Idno is a social publishing platform. Prior to version 1.6.4, a logic error in the API authentication flow causes the CSRF protection on the URL unfurl service endpoint to be trivially bypassed by any unauthenticated remote attacker. Combined with the absence of a login requirement on the endpoin...

9.2CVSS5.9AI score0.00628EPSS
Exploits1References4
Cvelist
Cvelistadded 2026/03/06 4:12 a.m.26 views

CVE-2026-28507 Idno: Remote Code Execution via Chained Import File Write and Template Path Traversal

Idno is a social publishing platform. Prior to version 1.6.4, there is a remote code execution vulnerability via chained import file write and template path traversal. This issue has been patched in version 1.6.4...

8.6CVSS0.00673EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2026/03/06 4:12 a.m.2 views

CVE-2026-28507 Idno: Remote Code Execution via Chained Import File Write and Template Path Traversal

Idno is a social publishing platform. Prior to version 1.6.4, there is a remote code execution vulnerability via chained import file write and template path traversal. This issue has been patched in version 1.6.4...

8.6CVSS6.3AI score0.00673EPSS
Exploits1References2
CVE
CVEadded 2026/03/06 4:12 a.m.13 views

CVE-2026-28507

CVE-2026-28507 affects Idno (social publishing platform). Public disclosures and Red Hat/Veracode entries describe two chained vulnerabilities leading to remote code execution: 1) Arbitrary PHP file write during WordPress import via importImagesFromBodyHTML, leveraging uncontrolled outbound fopen...

8.6CVSS6.5AI score0.00673EPSS
Exploits1References2Affected Software1
OSV
OSVadded 2026/03/06 4:12 a.m.3 views

CVE-2026-28507 Idno: Remote Code Execution via Chained Import File Write and Template Path Traversal

Idno is a social publishing platform. Prior to version 1.6.4, there is a remote code execution vulnerability via chained import file write and template path traversal. This issue has been patched in version 1.6.4...

8.6CVSS6.3AI score0.00673EPSS
Exploits1References4
CNNVD
CNNVDadded 2026/03/06 12:0 a.m.4 views

Idno 操作系统命令注入漏洞

Idno is a social content publishing platform developed by Idno OpenSource. Versions of Idno prior to 1.6.4 contained a vulnerability related to operating system command injection. This vulnerability stemmed from write operations on linked import files and path traversal through templates, which...

8.6CVSS6.2AI score0.00673EPSS
Exploits1References2
Rows per page
Query Builder