Lucene search
K

44 matches found

Nuclei
Nuclei
added yesterday18 views

Plenti < v0.7.2 - OS Command Injection

Plenti, a static site generator, has an arbitrary file write vulnerability in versions prior to 0.7.2. The /postLocal endpoint is vulnerable to an arbitrary file write vulnerability when a plenti user serves their website. This issue may lead to Remote Code Execution. Version 0.7.2 fixes the...

9.3CVSS7.1AI score0.02763EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-58402

Hugo is a static site generator. From 0.60.0 until 0.163.3, Hugo's default code-block renderer wrote the Markdown code-fence language or info-string into the code class="language-…" data-lang="…" wrapper without HTML escaping. A fence info-string containing a quote and a script payload breaks out...

5.1CVSS5.8AI score0.00278EPSS
Exploits0References5Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2025/11/29 12:0 a.m.6 views

VulnCheck KEV: CVE-2024-49380

Plenti, a static site generator, has an arbitrary file write vulnerability in versions prior to 0.7.2. The /postLocal endpoint is vulnerable to an arbitrary file write vulnerability when a plenti user serves their website. This issue may lead to Remote Code Execution. Version 0.7.2 fixes the...

9.3CVSS5.9AI score0.02763EPSS
In wildExploits1References77
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-1294

Malware in sbrugna...

8.5CVSS8.4AI score0.01451EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-1268

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00537EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-3458

Malicious code in bioql PyPI...

5.3CVSS5.6AI score0.00574EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/09/10 12:0 a.m.4 views

decap-cms 安全漏洞

decap-cms is a Git-based static site generator from Decap CMS open source. A security vulnerability exists in decap-cms 3.8.3 and earlier versions, which stems from cross-site scripting and could lead to the execution of arbitrary JavaScript...

6.1CVSS6AI score0.00297EPSS
Exploits2References4
RedhatCVE
RedhatCVE
added 2025/05/23 6:15 a.m.7 views

CVE-2024-49381

Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The /postLocal endpoint is vulnerable to an arbitrary file write deletion when a plenti user serves their website. This issue may lead to information loss. Version 0.7.2 fixes the vulnerabili...

8.7CVSS6.4AI score0.00773EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/03/12 12:0 a.m.3 views

Plenti 安全漏洞

Plenti is a static site generator from Plentico open source. A security vulnerability exists in Plenti version 0.7.16 and earlier, which stems from an uploaded .svelte filename that could be executed as code, leading to code execution...

8.8CVSS7AI score0.00696EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2024/12/11 3:48 a.m.3 views

SUSE CVE-2024-55601

Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.139.4, some HTML attributes in Markdown in the internal templates listed below not escaped in internal render hooks. Those whoa re impacted are Hugo users who do not trust their Markdown content files and are usin...

5.3CVSS6.6AI score0.00574EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/12/09 9:11 p.m.13 views

CVE-2024-55601

Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.139.4, some HTML attributes in Markdown in the internal templates listed below not escaped in internal render hooks. Those whoa re impacted are Hugo users who do not trust their Markdown content files and are usin...

5.3CVSS5.8AI score0.00574EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2024/12/09 9:11 p.m.15 views

CVE-2024-55601

Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.139.4, some HTML attributes in Markdown in the internal templates listed below not escaped in internal render hooks. Those whoa re impacted are Hugo users who do not trust their Markdown content files and are usin...

5.3CVSS6.5AI score0.00574EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/11/02 3:49 a.m.2 views

SUSE CVE-2024-49380

Plenti, a static site generator, has an arbitrary file write vulnerability in versions prior to 0.7.2. The /postLocal endpoint is vulnerable to an arbitrary file write vulnerability when a plenti user serves their website. This issue may lead to Remote Code Execution. Version 0.7.2 fixes the...

7.5CVSS7.2AI score0.02763EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2024/10/31 9:49 p.m.23 views

Plenti arbitrary file deletion vulnerability

Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The /postLocal endpoint is vulnerable to an arbitrary file write deletion when a plenti user serves their website. This issue may lead to information loss. Version 0.7.2 fixes the vulnerabili...

8.7CVSS6.7AI score0.00773EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2024/10/31 9:49 p.m.10 views

GHSA-6H8W-HRFP-PFFX Plenti arbitrary file deletion vulnerability

Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The /postLocal endpoint is vulnerable to an arbitrary file write deletion when a plenti user serves their website. This issue may lead to information loss. Version 0.7.2 fixes the vulnerabili...

9.3CVSS7.3AI score0.00773EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2024/10/31 9:48 p.m.23 views

Plenti arbitrary file write vulnerability

Plenti, a static site generator, has an arbitrary file write vulnerability in versions prior to 0.7.2. The /postLocal endpoint is vulnerable to an arbitrary file write vulnerability when a plenti user serves their website. This issue may lead to Remote Code Execution. Version 0.7.2 fixes the...

9.3CVSS7.4AI score0.02763EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2024/10/31 9:48 p.m.8 views

GHSA-2P96-P7QH-4RGR Plenti arbitrary file write vulnerability

Plenti, a static site generator, has an arbitrary file write vulnerability in versions prior to 0.7.2. The /postLocal endpoint is vulnerable to an arbitrary file write vulnerability when a plenti user serves their website. This issue may lead to Remote Code Execution. Version 0.7.2 fixes the...

9.3CVSS9.5AI score0.02763EPSS
Exploits1References5
NVD
NVD
added 2024/10/25 2:15 p.m.22 views

CVE-2024-49381

Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The /postLocal endpoint is vulnerable to an arbitrary file write deletion when a plenti user serves their website. This issue may lead to information loss. Version 0.7.2 fixes the vulnerabili...

8.7CVSS0.00773EPSS
Exploits1References3
NVD
NVD
added 2024/10/25 2:15 p.m.34 views

CVE-2024-49380

Plenti, a static site generator, has an arbitrary file write vulnerability in versions prior to 0.7.2. The /postLocal endpoint is vulnerable to an arbitrary file write vulnerability when a plenti user serves their website. This issue may lead to Remote Code Execution. Version 0.7.2 fixes the...

9.3CVSS0.02763EPSS
Exploits1References3
CVE
CVE
added 2024/10/25 1:6 p.m.80 views

CVE-2024-49381

CVE-2024-49381 – Plenti arbitrary file deletion : In Plenti, a static site generator, versions prior to 0.7.2 expose an arbitrary file write/deletion via the /postLocal endpoint when serving a site. This can lead to information loss. The issue is mitigated by upgrading to v0.7.2 or later, which c...

8.7CVSS7.3AI score0.00773EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder