7 matches found
CVE-2026-40500
ProcessWire CMS version 3.0.255 and prior contain a server-side request forgery vulnerability in the admin panel's 'Add Module From URL' feature that allows authenticated administrators to supply arbitrary URLs to the module download parameter, causing the server to issue outbound HTTP requests t...
CVE-2026-40500
ProcessWire CMS version 3.0.255 and prior contain a server-side request forgery vulnerability in the admin panel's 'Add Module From URL' feature that allows authenticated administrators to supply arbitrary URLs to the module download parameter, causing the server to issue outbound HTTP requests t...
CVE-2026-40500
ProcessWire CMS version 3.0.255 and prior contain a server-side request forgery vulnerability in the admin panel's 'Add Module From URL' feature that allows authenticated administrators to supply arbitrary URLs to the module download parameter, causing the server to issue outbound HTTP requests t...
ProcessWire CMS 安全漏洞
ProcessWire CMS is a flexible content management system developed by ProcessWire as open source. Versions of ProcessWire CMS 3.0.255 and earlier contained security vulnerabilities. These vulnerabilities were due to a server-side request forgeing issue in the “Add Module From URL” feature of the...
Apache Ranger allows users to bypass intended access restrictions via direct access to module URLs
The Policy Admin Tool in Apache Ranger before 0.5.0 allows remote authenticated users to bypass intended access restrictions via direct access to module URLs...
SAP Commerce Cloud Denial of Service Vulnerability
SAP Commerce Cloud is a cloud-native omnichannel commerce solution for B2B, B2C and B2B2C companies. A denial of service vulnerability exists in SAP Commerce Cloud 1808, 1811, 1905, 2005. An attacker could exploit this vulnerability by submitting a specially crafted request to a specific SAP...
Server side request forgery (ssrf)
SAP Commerce Cloud Accelerator Payment Mock, versions - 1808, 1811, 1905, 2005, allows an unauthenticated attacker to submit a crafted request over a network to a particular SAP Commerce module URL which will be processed without further interaction, the crafted request leads to Server Side Reque...