88 matches found
CVE-2025-32781 Apollo: Apollo Portal release endpoint allows cross-application configuration disclosure via releaseId
Apollo is a reliable configuration management system suitable for microservice configuration management scenarios. Prior to 2.5.0, Apollo Portal does not verify application and namespace permissions when an authenticated user requests a release by ID through GET /envs/env/releases/releaseId while...
CVE-2026-47733
Rocket.Chat CVE-2026-47733 affects the ImageElement in packages/gazzodown prior to 8.5.0, where user-controlled src values are inserted into and without protocol sanitization. An authenticated user can post markdown images with a javascript: URL that, on older browsers, could execute arbitrary ...
CVE-2026-46543 nimiq-blockchain: Genesis batch set request
Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.5.0, a remote peer can crash any full node by sending a RequestBatchSet message containing the genesis block's hash. The handler calls getepochchunks which iterates...
CVE-2026-41951
Path traversal vulnerability exists in GROWI v7.5.0 and earlier, which may allow an attacker to execute arbitrary EJS templates on the server when an email server is running in GROWI...
Vinades NukeViet 跨站脚本漏洞
Vinades NukeViet is an open-source content management system CMS developed by the Vietnamese company Vinades. Versions of Vinades NukeViet 4.5.07 and earlier had a cross-site scripting vulnerability. This vulnerability stemmed from insufficient input cleansing on the server side, which could lead...
CVE-2026-8412
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery CSRF at concrete/controllers/dialog/page/bulk/cache. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks Yonatan...
CVE-2026-8245
Concrete CMS 9.5.0 and below is vulnerable to Reflected XSS in Legacy Pagination via HTML attribute injection. Concrete\Core\Legacy\Pagination builds pagination links by raw-interpolating its $URL field into href="" . Any authenticated admin or report viewer with access to...
CVE-2026-7882
Concrete CMS 9.5.0 and below is vulnerable to unauthorized file deletion due to an Inverted CSRF token check in the DeleteFile controller. The code throws an error when the token IS valid and proceeds with file deletion when the token is invalid or missing. This effectively disables CSRF protecti...
CVE-2026-8414 Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/event/duplicate
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery CSRF at concrete/controllers/dialog/event/duplicate. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks Yonatan...
CVE-2026-8238
Concrete CMS versions 9.5.0 and earlier are vulnerable to an IDOR at the endpoint /ccm/frontend/conversations/message_page, which exposes full content of any conversation message and file attachments via unauthenticated access. An attacker can enumerate messages from restricted pages, member-only...
CVE-2026-8236 Concrete CMS 9.5.0 and below is vulnerable to IDOR combined with a missing authentication gate for endpoint /ccm/system/dialogs/file/usage/{fID}
Concrete CMS 9.5.0 and below is vulnerable to IDOR combined with a missing authentication gate. The endpoint /ccm/system/dialogs/file/usage/fID accepts an integer file ID in the URL and returns internal site structure data page IDs, versions, URL paths to anyone who sends a GET request. The...
Concrete CMS 跨站请求伪造漏洞
Concrete CMS is an open-source content management system developed by Concrete CMS. Versions of Concrete CMS 9.5.0 and earlier had a cross-site request forgeing vulnerability. This vulnerability occurred due to the lack of validation of the CSRF token before processing requests like...
Concrete CMS 跨站请求伪造漏洞
Concrete CMS is an open-source content management system developed by Concrete CMS. Versions of Concrete CMS prior to 9.5.0 had a cross-site request forgeing vulnerability. This vulnerability was exploited through the concrete/controllers/backend/file rescanMultiple function, making it susceptibl...
Concrete CMS 安全漏洞
Concrete CMS is an open-source content management system designed for teams. Concrete CMS versions 9.5.0 and earlier have a security vulnerability. This vulnerability stems from an insecure direct object reference in the attachments parameter of the AddMessage/UpdateMessage functions, which may...
CVE-2026-39405 Frappe has Path Transversal via SCORM
Frappe Learning Management System LMS is a learning system that helps users structure their content. In versions 2.50.0 and below, a user with course editing role could upload a SCORM ZIP package to write files outside the intended directory. This issue has been resolved in version 2.50.1...
CVE-2026-5107 affecting package frr for versions less than 10.5.0-2
CVE-2026-5107 affecting package frr for versions less than 10.5.0-2. A patched version of the package is available...
EUVD-2026-28881
The LatePoint plugin for WordPress is vulnerable to Account Takeover via Weak Password Recovery Mechanism in the unauthenticated guest booking flow in versions up to, and including, 5.5.0 This is due to the saveconnectedwordpressuser function propagating a LatePoint customer's email address to it...
CVE-2026-7332 LatePoint <= 5.5.0 - Unauthenticated Stored Cross-Site Scripting via 'booking_form_page_url' Parameter
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookingformpageurl' parameter in all versions up to, and including, 5.5.0 due to insufficient input sanitization and output escaping. This makes it possib...
CVE-2026-1460
A post-authentication command injection vulnerability in the “DomainName” parameter of the DHCP configuration file in Zyxel DX3301-T0 and EX3301-T0 firmware versions through 5.50ABVY.7.1C0 could allow an authenticated attacker with administrator privileges to execute OS commands on an affected...
PT-2026-35222
A security vulnerability has been detected in tufantunc ssh-mcp up to 1.5.0. The affected element is the function shell.write of the file src/index.ts. Such manipulation of the argument Description leads to command injection. The attack must be carried out locally. The exploit has been disclosed...