977652 matches found
CVE-2026-61504
Rejetto HFS 3.0.0 through 3.2.0 does not escape file names in its fallback "basic" web listing, and this listing can be forced by any browser via the ?get=basic parameter. A user with upload permission - or an anonymous user on servers with an open upload folder - can store a file whose name...
CVE-2026-61504
CVE-2026-61504 affects Rejetto HFS 3.0.0–3.2.0, where the basic web listing does not escape file names and can be forced with the browser parameter ?get=basic. This enables stored XSS: a file with a script in its name can execute in the viewer’s browser when the listing is viewed, potentially by ...
CVE-2026-57405
Missing Authorization vulnerability in themehunk Open Shop open-shop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Open Shop: from n/a through = 1.7.1...
EUVD-2026-43316
This vulnerability is a critical Server-Side Template Injection SSTI in Centreon's centreon-open-tickets module that leads to Remote Code Execution. The messageconfirm field is stored without sanitization and rendered via Smarty with no security policy enabled, allowing any authenticated user, to...
CVE-2026-14453
This vulnerability is a critical Server-Side Template Injection SSTI in Centreon's centreon-open-tickets module that leads to Remote Code Execution. The messageconfirm field is stored without sanitization and rendered via Smarty with no security policy enabled, allowing any authenticated user, to...
CVE-2026-22100
The CVE-2026-22100 entry describes a command injection in the OCPP DataTransfer message ReserveLogin. By manipulating the data value, arbitrary OS commands can be executed with root privileges. Exploitation details, affected versions, and concrete remediation are not provided in the connected doc...
CVE-2026-57405
CVE-2026-57405 affects WordPress Open Shop theme (versions up to and including 1.7.1). The root cause is Missing Authorization due to incorrectly configured access control levels, classified as a Broken Access Control vulnerability. CVSS3.1 metrics indicate a HIGH base score of 7.1 (AV:N/AC:L/PR:...
CVE-2026-57405 WordPress Open Shop theme <= 1.7.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in themehunk Open Shop open-shop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Open Shop: from n/a through = 1.7.1...
CVE-2026-14453
The CVE-2026-14453 issue is a critical Server-Side Template Injection (SSTI) in Centreon’s centreon-open-tickets module. The message_confirm field is stored without sanitization and rendered through Smarty with no security policy, allowing any authenticated user to inject and execute arbitrary co...
CVE-2026-14453 A user with low privileges can inject SSTI templates that can lead to RCE in open-tickets
This vulnerability is a critical Server-Side Template Injection SSTI in Centreon's centreon-open-tickets module that leads to Remote Code Execution. The messageconfirm field is stored without sanitization and rendered via Smarty with no security policy enabled, allowing any authenticated user, to...
LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents
A flaw was found in LibreOffice. A remote attacker could exploit this out-of-bounds write vulnerability by tricking a user into opening a specially crafted OOXML Office Open XML document with mismatched encryption salt parameters. This could lead to a denial of service DoS, making the application...
Gitea < 1.4.3 - Open Redirect
Gitea before version 1.4.3 is affected by URL Redirection to Untrusted Site 'Open Redirect' via internal URLs. The vulnerability exists in the redirectto parameter used on the login page /user/login. Due to improper validation of the redirect URL, an attacker can craft a malicious link that...
Moodle 3.8-3.10.3 - Reflected XSS & Open Redirect
Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8 contain a reflected XSS and open redirect caused by insufficient sanitization of the redirect URI in the LTI authorization endpoint, letting attackers execute scripts or redirect users maliciously, exploit requires crafted URL with...
Nova noVNC - Open Redirect
Nova noVNC contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2021-3654 info: name: Nova noVNC - Open Redirect author: geeknik severity: medium...
Keycloak - Open Redirect
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...
LionWiki <3.2.12 - Local File Inclusion
LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted strings in the index.php f1 variable, aka local file inclusion. id: CVE-2020-27191 info: name: LionWiki 3.2.12 - Local File Inclusion author: 0xAkoko severity: high description: LionWiki before...
GLPI <9.4.6 - Open Redirect
GLPI prior 9.4.6 contains an open redirect vulnerability based on a regexp. id: CVE-2020-11034 info: name: GLPI 9.4.6 - Open Redirect author: pikpikcu severity: medium description: GLPI prior 9.4.6 contains an open redirect vulnerability based on a regexp. impact: | An attacker can exploit this...
HomeAutomation 3.3.2 - Open Redirect
HomeAutomation 3.3.2 contains a redirect vulnerability caused by improper verification of the 'redirect' GET parameter in 'api.php', letting attackers redirect users to arbitrary websites, exploit requires user interaction with a crafted link. id: CVE-2020-21998 info: name: HomeAutomation 3.3.2 -...
OPNsense <=20.1.5 - Open Redirect
OPNsense through 20.1.5 contains an open redirect vulnerability via the url redirect parameter in the login page, which is not filtered. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id:...
Z-Blog <=1.5.2 - Open Redirect
Z-Blog 1.5.2 and earlier contains an open redirect vulnerability via the redirect parameter in zbsystem/cmd.php. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2020-18268 info: name: Z-Blo...