6683 matches found
phpMyFAQ is Vulnerable to Stored XSS via Unsanitized Email Field in Admin FAQ Editor
Summary An unauthenticated attacker can submit a guest FAQ with an email address that is syntactically valid per RFC 5321 quoted local part yet contains raw HTML — for example "alert1"@evil.com. PHP's FILTERVALIDATEEMAIL accepts this email as valid. The email is stored in the database without HTM...
CVE-2026-34366
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery SSRF vulnerability exists in the Payment receipt PDF generation module. User-supplied HTML in the payment Notes...
CVE-2026-34367
InvoiceShelf (open-source web/mobile app) is affected by a Server-Side Request Forgery (SSRF) in the PDF generation module prior to version 2.2.0. User-supplied HTML in the Notes field is passed unsanitised to the Dompdf renderer, which fetches remote resources referenced in the markup. The vulne...
CVE-2026-34367 InvoiceShelf: SSRF in Invoice PDF Rendering via Unsanitised HTML in Notes Field
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery SSRF vulnerability exists in the Invoice PDF generation module. User-supplied HTML in the invoice Notes field i...
CVE-2026-34367 InvoiceShelf: SSRF in Invoice PDF Rendering via Unsanitised HTML in Notes Field
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery SSRF vulnerability exists in the Invoice PDF generation module. User-supplied HTML in the invoice Notes field i...
CVE-2026-34367 InvoiceShelf: SSRF in Invoice PDF Rendering via Unsanitised HTML in Notes Field
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery SSRF vulnerability exists in the Invoice PDF generation module. User-supplied HTML in the invoice Notes field i...
CVE-2026-34366 InvoiceShelf: SSRF in Payment Receipt PDF Rendering via Unsanitised HTML in Notes Field
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery SSRF vulnerability exists in the Payment receipt PDF generation module. User-supplied HTML in the payment Notes...
CVE-2026-34366 InvoiceShelf: SSRF in Payment Receipt PDF Rendering via Unsanitised HTML in Notes Field
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery SSRF vulnerability exists in the Payment receipt PDF generation module. User-supplied HTML in the payment Notes...
CVE-2026-34366
CVE-2026-34366 affects InvoiceShelf prior to v2.2.0. An SSRF exists in the Payment receipt PDF generation module where user-supplied HTML in the Notes field is passed unsanitised to the Dompdf renderer, allowing remote resources to be fetched. The issue is exploitable directly via the PDF receipt...
CVE-2026-34365
InvoiceShelf CVE-2026-34365 describes a Server-Side Request Forgery in the Estimate PDF generation module prior to v2.2.0. User-supplied HTML in the estimate Notes field is passed unsanitised to the Dompdf rendering library, which can fetch remote resources, enabling SSRF via the PDF preview and ...
CVE-2026-34365 InvoiceShelf: SSRF in Estimate PDF Rendering via Unsanitised HTML in Notes Field
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery SSRF vulnerability exists in the Estimate PDF generation module. User-supplied HTML in the estimate Notes field...
CVE-2026-34365 InvoiceShelf: SSRF in Estimate PDF Rendering via Unsanitised HTML in Notes Field
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery SSRF vulnerability exists in the Estimate PDF generation module. User-supplied HTML in the estimate Notes field...
CVE-2026-34365 InvoiceShelf: SSRF in Estimate PDF Rendering via Unsanitised HTML in Notes Field
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery SSRF vulnerability exists in the Estimate PDF generation module. User-supplied HTML in the estimate Notes field...
CVE-2026-32607
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, when the hidden prioritizefullnameinux site setting is enabled defaults to false, requires console access to change, user...
Cross-site Scripting (XSS)
Overview baserproject/basercms is a Content management system based on CakePHP. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the blog post rendering process. An attacker can execute arbitrary scripts in the context of a user's browser by injecting malicious...
PT-2026-29343
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery SSRF vulnerability exists in the Invoice PDF generation module. User-supplied HTML in the invoice Notes field i...
PT-2026-29342
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery SSRF vulnerability exists in the Payment receipt PDF generation module. User-supplied HTML in the payment Notes...
WWBN AVideo 跨站脚本漏洞
WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 26.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from the lack of output encoding when the administrator panel’s rendering plugin values were being...
Slippers Vulnerable to Cross-Site Scripting (XSS) in `attrs` Template Tag
Summary A Cross-site Scripting XSS vulnerability exists in the % attrs % template tag of the slippers Django package. When a context variable containing untrusted data is passed to % attrs %, the value is interpolated into an HTML attribute string without escaping, allowing an attacker to break o...
kernel: drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies
A flaw was found in the kernel subsystem handling of the DRM scheduler. Under certain error conditions, the function drmschedjobadddependency consumes a fence reference and then later erroneously attempts to free it again double free. This may lead to memory corruption and, in some configurations...