39 matches found
PT-2026-26412
Summary Gateway auth for plugin channel endpoints can be bypassed when path canonicalization differs between the gateway guard and plugin handler routing. Details On affected versions, server-http only applies gateway auth when raw requestPath matches exactly: - /api/channels - /api/channels/ If ...
CVE-2025-56431
Directory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote attacker to cause a denial of service via the plugin-handler.php and the filegetcontents function...
CVE-2025-56430
Directory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote attacker to cause a denial of service via the plugin-handler.php and the deleteDirectory function...
EUVD-2025-202591
Directory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote attacker to cause a denial of service via the plugin-handler.php and the deleteDirectory function...
EUVD-2025-202590
Directory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote attacker to cause a denial of service via the plugin-handler.php and the filegetcontents function...
CVE-2025-56431
Directory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote attacker to cause a denial of service via the plugin-handler.php and the filegetcontents function...
CVE-2025-56430
Directory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote attacker to cause a denial of service via the plugin-handler.php and the deleteDirectory function...
CVE-2025-56431
Directory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote attacker to cause a denial of service via the plugin-handler.php and the filegetcontents function...
CVE-2025-56430
Directory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote attacker to cause a denial of service via the plugin-handler.php and the deleteDirectory function...
FearlessCMS 安全漏洞
FearlessCMS is a flat file content management system from the individual developers at Fearless Geek Media. A security vulnerability exists in FearlessCMS version v.0.0.2-15, which stems from a directory traversal vulnerability in the plugin-handler.php and filegetcontents functions, which could...
PT-2025-50487
Name of the Vulnerable Software and Affected Versions FearlessCMS version 0.0.2-15 Description A directory traversal issue exists in FearlessCMS. A remote attacker can potentially cause a denial of service by exploiting the plugin-handler.php file in conjunction with the file get contents functio...
FearlessCMS 安全漏洞
FearlessCMS is a flat file content management system from the individual developers at Fearless Geek Media. A security vulnerability exists in FearlessCMS version v.0.0.2-15, which stems from a directory traversal vulnerability in the plugin-handler.php and deleteDirectory functions, which could...
CVE-2025-56431
FearlessCMS v0.0.2-15 is affected by a directory traversal vulnerability that can be exploited remotely via the plugin-handler.php and file_get_contents() to cause denial of service. The weakness is described consistently across multiple trusted feeds (Red Hat, EUVD/ENISA, NVD, OSV, CNNVD, CVE li...
CVE-2025-56430
Directory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote attacker to cause a denial of service via the plugin-handler.php and the deleteDirectory function...
CVE-2025-56430
CVE-2025-56430 : A directory traversal vulnerability affects FearlessCMS v0.0.2-15, allowing a remote attacker to cause a denial of service via the plugin-handler.php and the deleteDirectory function. The root cause is a directory traversal issue in the referenced code path. Exploitation details ...
PT-2025-50486
Name of the Vulnerable Software and Affected Versions FearlessCMS version 0.0.2-15 Description A directory traversal issue exists in FearlessCMS version 0.0.2-15. This allows a remote attacker to potentially cause a denial of service by exploiting the plugin-handler.php file and the deleteDirecto...
CVE-2025-56431
Directory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote attacker to cause a denial of service via the plugin-handler.php and the filegetcontents function...
CVE-2025-56431
Directory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote attacker to cause a denial of service via the plugin-handler.php and the filegetcontents function...
CVE-2025-56430
Directory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote attacker to cause a denial of service via the plugin-handler.php and the deleteDirectory function...
CVE-2025-12070
The ViaAds plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.2. This is due to missing nonce validation on the ViaAdspluginHandler function. This makes it possible for unauthenticated attackers to modify the plugin's API key and cookie...