4 matches found
CVE-2026-28225
Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. Prior to version 0.133.1, the getmodel method in ModelFilesController line 158-160 loads models using Model.findparamparams:modelid without policyscope, bypassing...
EUVD-2026-8915
Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. Prior to version 0.133.1, the getmodel method in ModelFilesController line 158-160 loads models using Model.findparamparams:modelid without policyscope, bypassing...
CVE-2026-28225 Manyfold has IDOR in ModelFilesController
Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. Prior to version 0.133.1, the getmodel method in ModelFilesController line 158-160 loads models using Model.findparamparams:modelid without policyscope, bypassing...
Manyfold 安全漏洞
Manyfold is a self-hosted web application developed by Manyfold OpenSource. Versions of Manyfold prior to 0.133.1 contained a security vulnerability, which was caused by the getmodel method in the ModelFilesController bypassing Pundit authorization...