Lucene search
+L

5 matches found

OSV
OSV
added 2026/07/08 11:34 a.m.7 views

BIT-PILLOW-2026-55798 Pillow: WindowsViewer.get_command() OS command injection via unescaped shell path

Pillow is a Python imaging library. Prior to 12.3.0, WindowsViewer.getcommand constructed a cmd.exe shell command by directly embedding a file path into an f-string without escaping and passed the result to subprocess.Popen..., shell=True, allowing shell metacharacters in the file path to inject...

4.5CVSS6AI score0.00136EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/07/06 9:12 p.m.31 views

CVE-2026-34153 Coolify LocalFileVolume fs_path command injection enables RCE

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, LocalFileVolume::saveStorageOnServer builds shell commands using unescaped fspath and parentdir values before validation, and submitFileStorage does not validate the...

8.8CVSS0.00403EPSS
Exploits0References3
CVE
CVE
added 2026/07/06 6:44 p.m.18 views

CVE-2026-55798

Pillow vulnerability CVE-2026-55798 affects WindowsViewer.get_command() in Pillow prior to 12.3.0. It builds a shell command by unescaped file path injected into an f-string and passes it to subprocess.Popen(..., shell=True), enabling injection of arbitrary cmd.exe commands. Impact is limited to ...

4.5CVSS6AI score0.00136EPSS
Exploits1References5Affected Software1
CNVD
CNVD
added 2019/11/15 12:0 a.m.6 views

Unspecified Vulnerability in Sensio Labs Symfony

Sensio Labs Symfony is a free French Sensio Labs , based on the MVC architecture of the PHP development framework . The framework provides commonly used functional components and tools , can be used to quickly create complex WEB program . A security vulnerability exists in Sensio Labs Symfony...

7.5CVSS6.9AI score0.02248EPSS
Exploits0References1
Hacker One
Hacker One
added 2017/07/16 11:58 a.m.42 views

ExpressionEngine: Image lib - unescaped file path

Under ./system/ee/legacy/libraries/Imagelib.php There are function from CodeIgniter to manipulate images. The issue is that the PHP function exec is used two times in two different functions: imageprocessimagemagick and imageprocessnetpbm In both cases the fullsrcpath and fulldstpath are given...

0.8AI score
Exploits0
Rows per page
Query Builder