Exploit for CVE-2026-5760

SGLang SSTI to RCE PoC — Unsandboxed Jinja2 Chat Template Rend...

AVideo has Stored XSS via Unescaped Menu Item Fields in TopMenu Plugin

Summary The TopMenu plugin renders menu item fields icon classes, URLs, and text labels directly into HTML without applying htmlspecialchars or any other output encoding. Since menu items are rendered on every public page through plugin hooks, a single malicious menu entry results in stored...

Copier `_subdirectory` allows template root escape via parent-directory traversal

Summary Copier's subdirectory setting is documented as the subdirectory to use as the template root. However, the current implementation accepts parent-directory traversal such as .. and uses it directly when selecting the template root. As a result, a template can escape its own directory and ma...

CVE-2026-34565

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when adding Posts to navigation menus through the Menu Manageme...

CVE-2026-34561

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input within System Settings – Social Media Management. Multiple...

GHSA-R33W-C82V-X5V7 CI4MS: Blogs Posts (Categories) Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary Vulnerability: Blogs Posts Categories Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS - Stored Cross-Site Scripting via Unsanitized Blog Post Content in Blog Management Categories Description The application fails to properly sanitize user-controlled input wh...

Cross-site Scripting (XSS)

Overview ci4-cms-erp/ci4ms is a composer create-project ci4-cms-erp/ci4ms Affected versions of this package are vulnerable to Cross-site Scripting XSS via the backup filename field during backup upload and processing. An attacker can execute arbitrary JavaScript in the browsers of privileged user...

EUVD-2026-18073

CI4MS: System Settings Social Media Management Full Platform Compromise & Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS...

GHSA-R4V5-RWR2-Q7R4 CI4MS: Logs Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary Vulnerability: Stored DOM Blind XSS via Logs Interface Rendering Administrative Context Execution - Stored Cross-Site Scripting Blind XSS via Unsafe Rendering of User-Controlled Logged Data Description The application renders user-controlled input unsafely within the logs interface. If an...

CI4MS: Logs Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary Vulnerability: Stored DOM Blind XSS via Logs Interface Rendering Administrative Context Execution - Stored Cross-Site Scripting Blind XSS via Unsafe Rendering of User-Controlled Logged Data Description The application renders user-controlled input unsafely within the logs interface. If an...

Cross-site Scripting (XSS)

Overview ci4-cms-erp/ci4ms is a composer create-project ci4-cms-erp/ci4ms Affected versions of this package are vulnerable to Cross-site Scripting XSS in the logs rendering process. An attacker can execute arbitrary JavaScript in the browser context of an administrator by injecting a malicious...

CVE-2026-34568

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when creating or editing blog posts. An attacker can inject a...

CVE-2026-5281

Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

EUVD-2026-17739

XenForo before 2.3.9 is vulnerable to stored cross-site scripting XSS related to BB code rendering. An attacker can inject malicious scripts through BB code that are stored and executed when other users view the content...

CVE-2026-35054

XenForo before 2.3.9 is vulnerable to stored cross-site scripting XSS related to BB code rendering. An attacker can inject malicious scripts through BB code that are stored and executed when other users view the content...

CVE-2026-35054

XenForo before 2.3.9 is vulnerable to stored cross-site scripting XSS related to BB code rendering. An attacker can inject malicious scripts through BB code that are stored and executed when other users view the content...

CVE-2026-35054 XenForo Stored Cross-Site Scripting via BB Code Rendering

XenForo before 2.3.9 is vulnerable to stored cross-site scripting XSS related to BB code rendering. An attacker can inject malicious scripts through BB code that are stored and executed when other users view the content...

CVE-2026-35054

XenForo before 2.3.9 is affected by a stored XSS flaw in BB code rendering. An attacker can inject malicious scripts via BB code that get stored and executed when other users view the content. The issue is addressed in the XenForo 2.3.9 security fix. Remediation: upgrade to version 2.3.9 or apply...

CVE-2026-35054 XenForo Stored Cross-Site Scripting via BB Code Rendering

XenForo before 2.3.9 is vulnerable to stored cross-site scripting XSS related to BB code rendering. An attacker can inject malicious scripts through BB code that are stored and executed when other users view the content...

Xenforo 跨站脚本漏洞

Xenforo is a forum software developed by the Xenforo company. Versions of XenForo prior to 2.3.9 had a cross-site scripting vulnerability. This vulnerability stemmed from the BB code rendering, which contained a stored-cross-site scripting flaw, potentially allowing attackers to inject malicious...