11 matches found
CVE-2026-29039
changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, the changedetection.io application allows users to specify XPath expressions as content filters via the includefilters field. These XPath expressions are processed using the elementpath library which...
CVE-2026-29039
changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, the changedetection.io application allows users to specify XPath expressions as content filters via the includefilters field. These XPath expressions are processed using the elementpath library which...
CVE-2026-29039 changedetection.io: XPath - Arbitrary File Read via unparsed-text()
changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, the changedetection.io application allows users to specify XPath expressions as content filters via the includefilters field. These XPath expressions are processed using the elementpath library which...
CVE-2026-29039 changedetection.io: XPath - Arbitrary File Read via unparsed-text()
changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, the changedetection.io application allows users to specify XPath expressions as content filters via the includefilters field. These XPath expressions are processed using the elementpath library which...
CVE-2026-29039
changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, the changedetection.io application allows users to specify XPath expressions as content filters via the includefilters field. These XPath expressions are processed using the elementpath library which...
CVE-2026-29039
Changedetection.io prior to 0.54.4 is vulnerable to an Arbitrary File Read via XPath in include_filters, where unparsed-text() can read files accessible to the application. Affected component is the XPath-based content filter processing using the elementpath parser. Impact includes reading sensit...
CVE-2026-29039 changedetection.io: XPath - Arbitrary File Read via unparsed-text()
changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, the changedetection.io application allows users to specify XPath expressions as content filters via the includefilters field. These XPath expressions are processed using the elementpath library which...
changedetection.io vulnerable to XPath - Arbitrary File Read via unparsed-text()
Summary - The changedetection.io application allows users to specify XPath expressions as content filters via the includefilters field. These XPath expressions are processed using the elementpath library which implements XPath 3.0/3.1 specification. - XPath 3.0 includes the unparsed-text function...
GHSA-6FMW-82M7-JQ6P changedetection.io vulnerable to XPath - Arbitrary File Read via unparsed-text()
Summary - The changedetection.io application allows users to specify XPath expressions as content filters via the includefilters field. These XPath expressions are processed using the elementpath library which implements XPath 3.0/3.1 specification. - XPath 3.0 includes the unparsed-text function...
Arbitrary Code Injection
Overview changedetection.io is a Website change detection and monitoring service Affected versions of this package are vulnerable to Arbitrary Code Injection via the unparsed-text function in XPath expressions processed by the application. An attacker can access and read arbitrary files from the...
PT-2026-23090
Name of the Vulnerable Software and Affected Versions changedetection.io versions prior to 0.54.4 Description The changedetection.io application allows users to specify XPath expressions as content filters via the include filters field. These XPath expressions are processed using the elementpath...