24851 matches found
Server-side Request Forgery (SSRF)
Overview axios is a promise-based HTTP client for the browser and Node.js. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the shouldBypassProxy function. An attacker can access internal or metadata endpoints by crafting request URLs in IPv4-mapped IPv6...
Server-side Request Forgery (SSRF)
Overview org.webjars.npm:axios is a promise-based HTTP client for the browser and Node.js. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the shouldBypassProxy function. An attacker can access internal or metadata endpoints by crafting request URLs in...
CVE-2026-10068 Shibby Tomato SUBSCRIBE Call miniupnpd send server-side request forgery
A flaw has been found in Shibby Tomato 1.28. The affected element is the function send of the file usr/sbin/miniupnpd of the component SUBSCRIBE Call Handler. This manipulation causes server-side request forgery. The attack may be initiated remotely. This project is superseded by FreshTomato. Thi...
EUVD-2026-33345
A flaw has been found in Shibby Tomato 1.28. The affected element is the function send of the file usr/sbin/miniupnpd of the component SUBSCRIBE Call Handler. This manipulation causes server-side request forgery. The attack may be initiated remotely. This project is superseded by FreshTomato. Thi...
CVE-2026-10068 Shibby Tomato SUBSCRIBE Call miniupnpd send server-side request forgery
A flaw has been found in Shibby Tomato 1.28. The affected element is the function send of the file usr/sbin/miniupnpd of the component SUBSCRIBE Call Handler. This manipulation causes server-side request forgery. The attack may be initiated remotely. This project is superseded by FreshTomato. Thi...
CVE-2026-10068
A flaw has been found in Shibby Tomato 1.28. The affected element is the function send of the file usr/sbin/miniupnpd of the component SUBSCRIBE Call Handler. This manipulation causes server-side request forgery. The attack may be initiated remotely. This project is superseded by FreshTomato. Thi...
CVE-2026-10068
CVE-2026-10068 affects Shibby Tomato 1.28. The vulnerability lies in the SUBSCRIBE Call Handler’s miniupnpd component, specifically the send function in usr/sbin/miniupnpd, enabling server-side request forgery. The issue can be triggered remotely and is documented as affecting products superseded...
GHSA-GCV3-5V9Q-FMHH Froxlor has an authorization bypass in FTP shell assignment via missing server-side `available_shells` enforcement
Summary Froxlor 2.3.6 lets administrators configure system.availableshells as the approved shell list that customers may assign to FTP users. However, the server-side FTP account handlers do not enforce that whitelist when processing add or edit requests. As a result, an authenticated customer wi...
CVE-2018-25388
HaPe PKH 1.1 has an arbitrary file upload vulnerability that bypasses file type validation, allowing authenticated attackers to upload PHP files and execute arbitrary code on the server. Affected endpoints include aksi_foto.php, aksi_user.php, and aksi_kecamatan.php. CVSS metrics indicate high im...
CVE-2026-45312 RAGFlow: Server-Side Template Injection in Prompt Generator leads to Remote Code Execution
RAGFlow is an open-source RAG Retrieval-Augmented Generation engine. In 0.24.0 and earlier, a Jinja2 template injection in the prompt generator rag/prompts/generator.py allows any authenticated user to execute arbitrary OS commands on the server. Any normal user can register, create a Canvas...
CVE-2026-45312 RAGFlow: Server-Side Template Injection in Prompt Generator leads to Remote Code Execution
RAGFlow is an open-source RAG Retrieval-Augmented Generation engine. In 0.24.0 and earlier, a Jinja2 template injection in the prompt generator rag/prompts/generator.py allows any authenticated user to execute arbitrary OS commands on the server. Any normal user can register, create a Canvas...
CVE-2026-45312
RAGFlow (open-source RAG engine) is affected in 0.24.0 and earlier by a Jinja2 template injection in the prompt generator (rag/prompts/generator.py). This allows any authenticated user to execute arbitrary OS commands on the server via the SSTI chain, once a user registers and creates a Canvas wo...
CVE-2026-9559
A path traversal vulnerability exists in the campaign import feature of Mautic 7. When extracting uploaded ZIP files during campaign imports, a flaw in the validation logic allows file paths to escape the intended temporary directories. An authenticated user with campaign import privileges...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via insufficient validation of user-supplied URLs in the Focus component. An attacker can cause the server to send HTTP requests to internal or external destinations by supplying crafted URLs. This can...
USN-8338-2: Apache HTTP Server regression
USN-8338-1 fixed vulnerabilities in Apache HTTP Server. The update introduced a regression that prevented modhttp2 from loading on Ubuntu 18.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Apache HTTP Server incorrectly...
EUVD-2026-33277
A path traversal vulnerability exists in the campaign import feature of Mautic 7. When extracting uploaded ZIP files during campaign imports, a flaw in the validation logic allows file paths to escape the intended temporary directories. An authenticated user with campaign import privileges...
CVE-2026-9559
CVE-2026-9559 describes a path traversal vulnerability in Mautic 7 within the campaign import feature. During ZIP extraction in campaign imports, a flaw in the validation logic allows file paths to escape the intended temporary directories, enabling an authenticated user with campaign import priv...
CVE-2026-9558
A Server-Side Template Injection SSTI vulnerability exists in Mautic's theme engine. The platform renders uploaded Twig templates without a sandbox or strict function restrictions. Authenticated users with permissions to create or upload themes can abuse this to execute arbitrary code on the...
CVE-2026-9558
A Server-Side Template Injection SSTI vulnerability exists in Mautic's theme engine. The platform renders uploaded Twig templates without a sandbox or strict function restrictions. Authenticated users with permissions to create or upload themes can abuse this to execute arbitrary code on the...
EUVD-2026-33276
A Server-Side Template Injection SSTI vulnerability exists in Mautic's theme engine. The platform renders uploaded Twig templates without a sandbox or strict function restrictions. Authenticated users with permissions to create or upload themes can abuse this to execute arbitrary code on the...