EUVD-2026-37797

Typemill before 2.24.0 contains a path traversal vulnerability that allows authenticated attackers with Author-level privileges to read arbitrary files outside the content directory by supplying traversal sequences in the path query parameter passed to Storage::getFile with an empty folder...

CVE-2026-27870 CROSS-SITE SCRIPTING (XSS) VIA MALICIOUS FILE UPLOAD ON REGESTA SMART HD-PLC OF TELDAT

An attacker with access via network to the Regesta Smart HD-PLC of the provider Teldat in this case, registration action IS required who has the vulnerable software could, introduce arbitrary JavaScript by injecting a Cross-site Scripting XSS payload into the 'Hostname' field of the configuration...

CVE-2026-44962

Plesk contains an XPath injection vulnerability in the APS Application Catalog search functionality, where user-supplied input is interpolated into XPath queries without proper sanitization. This allows an authenticated, low-privileged user to execute arbitrary operating system commands on the...

CVE-2026-45626 Arcane: OS Command Injection in Volume Browser ListDirectory via path query parameter

Arcane is an interface for managing Docker containers, images, networks, and volumes. In 1.18.1 and earlier, GET /environments/id/volumes/volumeName/browse accepts a path query parameter that is passed to a shell command sh -c "find … | while …" inside an Arcane helper container. The path sanitis...

Astro 安全漏洞

Astro is a content-driven website framework developed by Astro OpenSource. Versions of Astro prior to 10.0.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of authentication when reading the x-astro-path header and the xastropath query parameters, which could lead...

CVE-2026-32811

Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. When using Heimdall in envoy gRPC decision API mode with versions 0.7.0-alpha through 0.17.10, wrong encoding of the query URL string allows rules with non-wildcard path expressions to be bypassed. Envoy splits t...

Exploit for XML Injection (aka Blind XPath Injection) in Fonttools

No d...

Arbitrary File Read

changedetection.io is vulnerable to Arbitrary File Read. The vulnerability is due to insufficient validation of user-supplied XPath expressions in the includefilters field, allowing attackers to use functions such as unparsed-text to read arbitrary files from the filesystem accessible to the...

CVE-2026-28415 Gradio has Open Redirect in OAuth Flow

Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, the redirecttotarget function in Gradio's OAuth flow accepts an unvalidated targeturl query parameter, allowing redirection to arbitrary external URLs. This affects the /logout and /login/callback...

PT-2026-22414

Name of the Vulnerable Software and Affected Versions Gradio versions prior to 6.6.0 Description Gradio is a Python package for rapid prototyping. A flaw exists in the OAuth flow where the redirect to target function does not properly validate the target url query parameter. This allows redirecti...

CVE-2024-50617

Vulnerabilities in the File Download and Get File handler components in CIPPlanner CIPAce before 9.17 allow attackers to download unauthorized files. An authenticated user can easily change the file id parameter or pass the physical file path in the URL query string to retrieve the files. Retriev...

CVE-2022-50807

This CVE entry is rejected/not used and does not represent an active vulnerability entry.

EUVD-2025-35361

Hugging Face Smolagents XPath injection vulnerability in the searchitemctrlf function...

EUVD-2019-8548

Malware in sbrugna...

GHSA-QJ27-W92H-FC9R XML external entity (XXE) vulnerability in Jenkins

XML external entity XXE vulnerability in Jenkins before 1.600 and LTS before 1.596.1 allows remote attackers to read arbitrary XML files via an XPath query...

xml-security: XPath Transform abuse allows for information disclosure

All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any...

xml-security: XPath Transform abuse allows for information disclosure

All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any...

xml-security: XPath Transform abuse allows for information disclosure

All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the OM Maximenu module 6.x-1.x before 6.x-1.44 and 7.x-1.x before 7.x-1.44 for Drupal allow remote authenticated users with the "administer OM Maximenu" permission to inject arbitrary web script or HTML via the 1 Menu Title 2 Link Title, 3 Path...

CVE-2012-5553

Multiple cross-site scripting XSS vulnerabilities in the OM Maximenu module 6.x-1.x before 6.x-1.44 and 7.x-1.x before 7.x-1.44 for Drupal allow remote authenticated users with the "administer OM Maximenu" permission to inject arbitrary web script or HTML via the 1 Menu Title 2 Link Title, 3 Path...