Lucene search

126681 matches found

OSV
added 2026/03/31 11:15 p.m., 2 views

GHSA-4WWR-7H7C-CHQR AVideo's CSRF on Admin Plugin Configuration Enables Payment Credential Hijacking

Summary: AVideo's admin plugin configuration endpoint admin/save.json.php lacks any CSRF token validation. There is no call to isGlobalTokenValid or verifyToken before processing the request. Combined with the application's explicit SameSite=None cookie policy, an attacker can forge cross-origin...

CVSS 8.1 | AI score 6.1 | EPSS 0.00233
Exploits: 1 | References: 3
Github Security Blog
added 2026/03/31 11:10 p.m., 3 views

Admidio allows Unauthenticated Access to Role-Restricted documents via neutralized .htaccess

Summary: Admidio relies on admmyfiles/.htaccess to deny direct HTTP access to uploaded documents. The Docker image ships with AllowOverride None in the Apache configuration, which causes Apache to silently ignore all .htaccess files. As a result, any file uploaded to the documents module regardles...

CVSS 7.5 | AI score 5.9 | EPSS 0.00575
Exploits: 1 | References: 4 | Affected Software: 1
OSV
added 2026/03/31 11:10 p.m., 2 views

GHSA-7FH7-8XQM-3G88 Admidio allows Unauthenticated Access to Role-Restricted documents via neutralized .htaccess

Summary: Admidio relies on admmyfiles/.htaccess to deny direct HTTP access to uploaded documents. The Docker image ships with AllowOverride None in the Apache configuration, which causes Apache to silently ignore all .htaccess files. As a result, any file uploaded to the documents module regardles...

CVSS 7.5 | AI score 5.9 | EPSS 0.00575
Exploits: 1 | References: 4
Snyk
added 2026/03/31 11:10 p.m., 3 views

Access Control Bypass

Overview: admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to Access Control Bypass due to improper enforcement of access control in the admmyfiles directory when Apache is configured with...

CVSS 8.7 | AI score 5.8 | EPSS 0.00575
Exploits: 1 | References: 2
Github Security Blog
added 2026/03/31 10:53 p.m., 9 views

FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability

Technical Description: The OpenAPIProvider in FastMCP exposes internal APIs to MCP clients by parsing OpenAPI specifications. The RequestDirector class is responsible for constructing HTTP requests to the backend service. A critical vulnerability exists in the buildurl method. When an OpenAPI...

CVSS 10 | AI score 6 | EPSS 0.00988
Exploits: 1 | References: 6 | Affected Software: 1
OSV
added 2026/03/31 10:53 p.m., 6 views

GHSA-VV7Q-7JX5-F767 FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability

Technical Description: The OpenAPIProvider in FastMCP exposes internal APIs to MCP clients by parsing OpenAPI specifications. The RequestDirector class is responsible for constructing HTTP requests to the backend service. A critical vulnerability exists in the buildurl method. When an OpenAPI...

CVSS 10 | AI score 6 | EPSS 0.00988
Exploits: 1 | References: 6
Github Security Blog
added 2026/03/31 10:27 p.m., 5 views

baserCMS has OS Command Injection Leading to Remote Code Execution (RCE)

Summary: In the core update functionality of baserCMS, some parameters sent from the admin panel are passed to the exec function without proper validation or escaping. This issue allows an authenticated CMS administrator to execute arbitrary OS commands on the server (Remote Code Execution, RCE). Th...

CVSS 9.1 | AI score 6.5 | EPSS 0.02282
Exploits: 1 | References: 5 | Affected Software: 1
OSV
added 2026/03/31 10:27 p.m., 1 view

GHSA-QXMC-6F24-G86G baserCMS has OS Command Injection Leading to Remote Code Execution (RCE)

Summary: In the core update functionality of baserCMS, some parameters sent from the admin panel are passed to the exec function without proper validation or escaping. This issue allows an authenticated CMS administrator to execute arbitrary OS commands on the server (Remote Code Execution, RCE). Th...

CVSS 9.1 | AI score 6.5 | EPSS 0.02282
Exploits: 1 | References: 5
NVD
added 2026/03/31 9:16 p.m., 4 views

CVE-2026-34739

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the UserLocation plugin's testIP.php page reflects the ip request parameter directly into an HTML input element without applying htmlspecialchars or any other output encoding. This allows an attacker to inject arbitrary HTM...

CVSS 6.1 | EPSS 0.0022
Exploits: 1 | References: 1
NVD
added 2026/03/31 9:16 p.m., 13 views

CVE-2026-34611

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the AVideo endpoint objects/emailAllUsers.json.php allows administrators to send HTML emails to every registered user on the platform. While the endpoint verifies admin session status, it does not validate a CSRF token...

CVSS 6.5 | EPSS 0.00157
Exploits: 1 | References: 1
NVD
added 2026/03/31 9:16 p.m., 6 views

CVE-2026-34613

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the AVideo endpoint objects/pluginSwitch.json.php allows administrators to enable or disable any installed plugin. The endpoint checks for an active admin session but does not validate a CSRF token. Additionally, the plugin...

CVSS 6.5 | EPSS 0.00201
Exploits: 1 | References: 1
NVD
added 2026/03/31 9:16 p.m., 7 views

CVE-2026-34381

Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, Admidio relies on admmyfiles/.htaccess to deny direct HTTP access to uploaded documents. The Docker image ships with AllowOverride None in the Apache configuration, which causes Apache to silently igno...

CVSS 7.5 | EPSS 0.00575
Exploits: 1 | References: 2
NVD
added 2026/03/31 9:16 p.m., 11 views

CVE-2026-34394

WWBN AVideo is an open source video platform. In versions 26.0 and prior, AVideo's admin plugin configuration endpoint admin/save.json.php lacks any CSRF token validation. There is no call to isGlobalTokenValid or verifyToken before processing the request. Combined with the application's explicit...

CVSS 8.1 | EPSS 0.00233
Exploits: 1 | References: 1
OSV
added 2026/03/31 8:56 p.m., 6 views

CVE-2026-34739 AVideo: Reflected XSS via Unescaped ip Parameter in User_Location testIP.php

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the UserLocation plugin's testIP.php page reflects the ip request parameter directly into an HTML input element without applying htmlspecialchars or any other output encoding. This allows an attacker to inject arbitrary HTM...

CVSS 6.1 | AI score 6 | EPSS 0.0022
Exploits: 1 | References: 3
ATTACKERKB
added 2026/03/31 8:56 p.m., 4 views

CVE-2026-34739

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the UserLocation plugin's testIP.php page reflects the ip request parameter directly into an HTML input element without applying htmlspecialchars or any other output encoding. This allows an attacker to inject arbitrary HTM...

CVSS 6.1 | AI score 6 | EPSS 0.0022
Exploits: 1 | References: 2 | Affected Software: 1
Vulnrichment
added 2026/03/31 8:56 p.m., 4 views

CVE-2026-34739 AVideo: Reflected XSS via Unescaped ip Parameter in User_Location testIP.php

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the UserLocation plugin's testIP.php page reflects the ip request parameter directly into an HTML input element without applying htmlspecialchars or any other output encoding. This allows an attacker to inject arbitrary HTM...

CVSS 6.1 | AI score 6 | EPSS 0.0022
Exploits: 1 | References: 1
CVE
added 2026/03/31 8:56 p.m., 11 views

CVE-2026-34739

The CVE concerns WWBN AVideo (open source video platform). In AVideo versions up to 26.0, the User_Location plugin’s testIP.php reflects the ip parameter directly into an HTML input without HTML-encoding, enabling reflected XSS. Although the page is admin-restricted, SameSite=None cookies enable ...

CVSS 6.1 | AI score 6 | EPSS 0.0022
Exploits: 1 | References: 1 | Affected Software: 1
Cvelist
added 2026/03/31 8:56 p.m., 20 views

CVE-2026-34739 AVideo: Reflected XSS via Unescaped ip Parameter in User_Location testIP.php

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the UserLocation plugin's testIP.php page reflects the ip request parameter directly into an HTML input element without applying htmlspecialchars or any other output encoding. This allows an attacker to inject arbitrary HTM...

CVSS 6.1 | EPSS 0.0022
Exploits: 1 | References: 1
Vulnrichment
added 2026/03/31 8:45 p.m., 2 views

CVE-2026-34613 AVideo: CSRF on Plugin Enable/Disable Endpoint Allows Disabling Security Plugins

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the AVideo endpoint objects/pluginSwitch.json.php allows administrators to enable or disable any installed plugin. The endpoint checks for an active admin session but does not validate a CSRF token. Additionally, the plugin...

CVSS 6.5 | AI score 5.9 | EPSS 0.00201
Exploits: 1 | References: 1
ATTACKERKB
added 2026/03/31 8:45 p.m., 2 views

CVE-2026-34613

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the AVideo endpoint objects/pluginSwitch.json.php allows administrators to enable or disable any installed plugin. The endpoint checks for an active admin session but does not validate a CSRF token. Additionally, the plugin...

CVSS 6.5 | AI score 5.9 | EPSS 0.00201
Exploits: 1 | References: 2 | Affected Software: 1