3 matches found
CVE-2026-42069 Kirby: Read access to site, user and role information is not gated by permissions
Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, read access to site, user and role information is not gated by permissions. This issue has been patched in versions 4.9.0 and 5.4.0...
CVE-2025-65012
Kirby is an open-source content management system. From versions 5.0.0 to 5.1.3, attackers could change the title of any page or the name of any user to a malicious string. Then they could modify any content field of the same model without saving, making the model a candidate for display in the...
Kirby 代码问题漏洞
Kirby is a document-based content management system CMS. A security vulnerability exists in Kirby versions prior to 2.5.14 that stems from the fact that an editor with full access to the Kirby panel could upload a PHP .phar file and execute it on the server. No details of the vulnerability are...