8 matches found
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the PageRules::create process in the page rules component. An attacker can publish a page without the required status-change permission by creating it as a non-draft. This lets a user who is allowed to create...
EUVD-2021-0862
Malware in sbrugna...
EUVD-2025-14508
Malicious code in bioql PyPI...
EUVD-2025-14510
Malicious code in bioql PyPI...
EUVD-2025-14509
Malicious code in bioql PyPI...
CVE-2025-31493
Kirby is an open-source content management system. A vulnerability in versions prior to 3.9.8.3, 3.10.1.2, and 4.7.1 affects all Kirby sites that use the collection helper or $kirby-collection method with a dynamic collection name such as a collection name that depends on request or user data...
CVE-2025-30207
Kirby is an open-source content management system. A vulnerability in versions prior to 3.9.8.3, 3.10.1.2, and 4.7.1 affects all Kirby setups that use PHP's built-in server. Such setups are commonly only used during local development. Sites that use other server software such as Apache, nginx or...
CVE-2025-30159
Kirby is an open-source content management system. A vulnerability in versions prior to 3.9.8.3, 3.10.1.2, and 4.7.1 affects all Kirby sites that use the snippet helper or $kirby-snippet method with a dynamic snippet name such as a snippet name that depends on request or user data. Sites that onl...