Lucene search
+L

5 matches found

vulnrichment
vulnrichment
added 2026/04/10 6:32 p.m.3 views

CVE-2026-33705 Chamilo LMS has unauthenticated access to Twig template source files exposes application logic

Chamilo LMS is a learning management system. Prior to 1.11.38, Twig template files .tpl under /main/template/default/ are directly accessible without authentication via HTTP GET requests. These templates expose internal application logic, variable names, AJAX endpoint URLs, and admin panel...

5.3CVSS5.8AI score0.00245EPSS
Exploits0References2
saint
saint
added 2025/10/03 12:0 a.m.102 views

MeteoBridge template.cgi command injection

Added: 10/03/2025 CVE: CVE-2025-4008 Background MeteoBridge is a device which connects personal weather stations to public weather networks. Problem A command injection vulnerability in the MeteoBridge web interface could allow remote, unauthenticated attackers to execute arbitrary commands by...

8.8CVSS8.3AI score0.94991EPSS
Exploits3
cnnvd
cnnvd
added 2024/05/07 12:0 a.m.4 views

Desdev DedeCMS 跨站请求伪造漏洞

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open source content management system CMS from China's Desdev Network Desdev. The system has content publishing, content management, content editing and content retrieval functions. A cross-site request forgery vulnerability...

5CVSS5AI score0.0042EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2023/08/21 12:0 a.m.5 views

PT-2023-29244 · Openrapid · Openrapid Rapidcms

Name of the Vulnerable Software and Affected Versions: OpenRapid RapidCMS version 1.3.1 Description: A critical issue was found in OpenRapid RapidCMS, affecting the file template/default/category.php. The manipulation of the id argument leads to SQL injection. Recommendations: For OpenRapid...

9.8CVSS6.3AI score0.00606EPSS
Exploits1References7
cnnvd
cnnvd
added 2023/07/31 12:0 a.m.5 views

Desdev DedeCMS 代码注入漏洞

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open-source content management system CMS of China Zhuozhuo network Desdev company. The system has the functions of content publishing, content management, content editing and content retrieval. A security vulnerability exists ...

9.8CVSS8.7AI score0.00948EPSS
Exploits0References3
Rows per page
Query Builder