Lucene search
K

77 matches found

Nuclei
Nuclei
added 11 hours ago32 views

Koha 3.20.1 - Directory Traversal

Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to read arbitrary files via a ..%2f dot dot encoded slash in the templatepath parameter to 1 svc/virtualshelves/search or 2 svc/members/search. id: CVE-2015-4632 info: name:...

7.5CVSS7.1AI score0.51829EPSS
Exploits8References5
Nuclei
Nuclei
added yesterday307 views

Craft CMS - Remote Code Execution via Template Path Manipulation

This template identifies a critical Remote Code Execution RCE vulnerability in Craft CMS, identified as GHSA-2p6p-9rc9-62j9. The vulnerability exists due to improper handling of the --templatesPath query parameter, allowing attackers to execute arbitrary code by referencing malicious Twig...

9.8CVSS7.4AI score0.97446EPSS
Exploits9References5
EUVD
EUVD
added 5 days ago8 views

EUVD-2026-42662

LibreBooking's email template editor save action passes the submitted template name directly into the destination file path, allowing a remote attacker with administrator credentials to write an arbitrary file outside the template directory and execute code. Fixed in 5.1.0...

8.6CVSS6.2AI score0.0084EPSS
Exploits1References5
PyPA
PyPA
added 2026/06/29 11:50 a.m.4 views

pyLoad allows upload to arbitrary folder lead to RCE

SummaryAn authenticated user can change the download folder and upload a crafted template to the specified folder lead to remote code execution Detailsexample version: 0.5file:src/pyload/webui/app/blueprints/[email protected]"/render/", endpoint="render"def renderfilename: mimetype =...

9.1CVSS7.5AI score0.01354EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-51704

Name of the Vulnerable Software and Affected Versions MotorDesk versions prior to 1.1.3 Description The MotorDesk plugin for WordPress contains a Cross-Site Request Forgery CSRF flaw, which occurs when a web application allows an attacker to induce a user to perform actions they do not intend to...

4.3CVSS5.6AI score0.00145EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.11 views

CVE-2026-39345

OrangeHRM is a comprehensive human resource management HRM system. From 5.0 to 5.8, OrangeHRM Open Source fails to restrict email template file resolution to the intended plugins directory, allowing an authenticated actor who can influence the template path to read arbitrary local files. This...

4.9CVSS5.5AI score0.00323EPSS
Exploits0References1
Circl
Circl
added 2026/04/27 12:7 p.m.7 views

CVE-2026-23483

creationtimestamp| type| source ---|---|--- 2026-04-27 12:07:05+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-23483.yaml...

6.9CVSS4.8AI score0.00771EPSS
Exploits0References1
Circl
Circl
added 2026/04/23 5:45 a.m.7 views

CVE-2026-41176

creationtimestamp| type| source ---|---|--- 2026-04-23 05:45:19+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-41176.yaml 2026-04-23 21:03:08+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mk6vwtcoov2g 2026-04-24...

9.8CVSS5.8AI score0.34734EPSS
In wildExploits1References7
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.10 views

EspoCRM 安全漏洞

EspoCRM is an open-source, web-based Customer Relationship Management system CRM. This system offers features such as sales automation, community management, and customer support. Versions of EspoCRM prior to 9.3.4 contained security vulnerabilities. These vulnerabilities stemmed from the...

7.2CVSS5.8AI score0.00448EPSS
Exploits1References1
NVD
NVD
added 2026/04/10 7:16 p.m.5 views

CVE-2026-33705

Chamilo LMS is a learning management system. Prior to 1.11.38, Twig template files .tpl under /main/template/default/ are directly accessible without authentication via HTTP GET requests. These templates expose internal application logic, variable names, AJAX endpoint URLs, and admin panel...

5.3CVSS0.00245EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/07 6:17 p.m.1 views

CVE-2026-39345

OrangeHRM is a comprehensive human resource management HRM system. From 5.0 to 5.8, OrangeHRM Open Source fails to restrict email template file resolution to the intended plugins directory, allowing an authenticated actor who can influence the template path to read arbitrary local files. This...

4.6CVSS6AI score0.00323EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.5 views

PT-2026-30968

OrangeHRM is a comprehensive human resource management HRM system. From 5.0 to 5.8, OrangeHRM Open Source fails to restrict email template file resolution to the intended plugins directory, allowing an authenticated actor who can influence the template path to read arbitrary local files. This...

4.6CVSS6AI score0.00323EPSS
Exploits0References2
Circl
Circl
added 2026/03/28 3:26 a.m.4 views

CVE-2026-34156

creationtimestamp| type| source ---|---|--- 2026-03-28 03:26:07+00:00| published-proof-of-concept| https://github.com/nocobase/nocobase/security/advisories/GHSA-px3p-vgh9-m57c 2026-03-31 08:34:55+00:00| confirmed|...

9.9CVSS5.4AI score0.36503EPSS
Exploits7References7
Circl
Circl
added 2026/03/26 9:21 a.m.7 views

CVE-2025-62126

creationtimestamp| type| source ---|---|--- 2026-03-26 09:21:07+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-62126.yaml 2026-03-30 21:03:05+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mickqnddkr2a...

5.3CVSS5.8AI score0.00659EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/15 7:2 a.m.2 views

CVE-2026-4170

A weakness has been identified in Topsec TopACM 3.0. Affected by this vulnerability is an unknown functionality of the file /view/systemConfig/management/nmcsync.php of the component HTTP Request Handler. Executing a manipulation of the argument templatepath can lead to os command injection. The...

10CVSS5.7AI score0.0207EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/07 7:59 a.m.7 views

CVE-2026-28507

Idno is a social publishing platform. Prior to version 1.6.4, there is a remote code execution vulnerability via chained import file write and template path traversal. This issue has been patched in version 1.6.4...

8.6CVSS6.3AI score0.00673EPSS
Exploits1References1
Veracode
Veracode
added 2026/03/07 5:9 a.m.4 views

Command Injection

idno/known is vulnerable to Command Injection. The vulnerability is due to improper handling of file imports combined with template path traversal, which allows an attacker to write malicious files and execute arbitrary code on the server...

8.6CVSS6.2AI score0.00673EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/03/06 4:12 a.m.28 views

CVE-2026-28507 Idno: Remote Code Execution via Chained Import File Write and Template Path Traversal

Idno is a social publishing platform. Prior to version 1.6.4, there is a remote code execution vulnerability via chained import file write and template path traversal. This issue has been patched in version 1.6.4...

8.6CVSS0.00673EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/06 4:12 a.m.3 views

CVE-2026-28507 Idno: Remote Code Execution via Chained Import File Write and Template Path Traversal

Idno is a social publishing platform. Prior to version 1.6.4, there is a remote code execution vulnerability via chained import file write and template path traversal. This issue has been patched in version 1.6.4...

8.6CVSS6.3AI score0.00673EPSS
Exploits1References2
CVE
CVE
added 2026/03/06 4:12 a.m.21 views

CVE-2026-28507

CVE-2026-28507 affects Idno (social publishing platform). Public disclosures and Red Hat/Veracode entries describe two chained vulnerabilities leading to remote code execution: 1) Arbitrary PHP file write during WordPress import via importImagesFromBodyHTML, leveraging uncontrolled outbound fopen...

8.6CVSS6.5AI score0.00673EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder