
14 matches found

Vulnrichment
added 2026/05/19 10:45 p.m. | 5 views

CVE-2026-34744 MantisBT authorization bypass allows continued access to self-uploaded attachments on private issues

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior permit a user to list and download their own attachments from an Issue created by another user even after it becomes private, bypassing read access revocation. The loss of confidentiality caused by this...

5.3 CVSS | 5.7 AI score | 0.00014 EPSS
Exploits 0 | References 3

OSV
added 2026/02/02 9:5 p.m. | 2 views

GO-2026-4367 Gitea has improper access control for uploaded attachments in code.gitea.io/gitea

Gitea has improper access control for uploaded attachments in code.gitea.io/gitea...

7.5 CVSS | 5.2 AI score | 0.00017 EPSS
Exploits 0 | References 6

EUVD
added 2026/01/23 12:31 a.m. | 0 views

EUVD-2026-4269

Gitea has improper access control for uploaded attachments...

7.5 CVSS | 5.3 AI score | 0.00017 EPSS
Exploits 0 | References 6

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2021-18740

Malware in sbrugna...

5.3 CVSS | 5.2 AI score | 0.00391 EPSS
Exploits 0 | References 5

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2006-0897

Malware in sbrugna...

5 CVSS | 6.4 AI score | 0.00622 EPSS
Exploits 1 | References 8

CNNVD
added 2022/03/12 12:0 a.m. | 2 views

showdoc cross-site scripting vulnerability

showdoc is a great open source tool for IT teams to share documents online. A security vulnerability exists in showdoc before 2.10.2. The vulnerability allowed .xml to store cross-site scripting attack payloads via uploaded attachments in the format found in the document library...

7.6 CVSS | 6.3 AI score | 0.00304 EPSS
Exploits 1 | References 3

OSV
added 2020/03/04 4:15 p.m. | 1 views

CVE-2020-9364

An issue was discovered in helpers/mailer.php in the Creative Contact Form extension 4.6.2 before 2019-12-03 for Joomla!. A directory traversal vulnerability resides in the filename field for uploaded attachments via the creativecontactformupload parameter. An attacker could exploit this...

5.3 CVSS | 5.8 AI score
Exploits 0 | References 4

Tenable Nessus
added 2011/10/11 12:0 a.m. | 33 views

GLSA-201110-03 : Bugzilla: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201110-03 (Bugzilla: Multiple vulnerabilities). Multiple vulnerabilities have been discovered in Bugzilla. Please review the CVE identifiers referenced below for details. Impact: A remote attacker could conduct cross-site scripting...

7.5 CVSS | 8 AI score | 0.02239 EPSS
Exploits 5 | References 19

Prion
added 2011/08/09 7:55 p.m. | 23 views

Code injection

Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files. NOTE: this issue exists because of a regression in 3...

2.1 CVSS | 5.8 AI score | 0.00067 EPSS
Exploits 1 | References 6 | Affected Software 1

Prion
added 2011/08/09 7:55 p.m. | 18 views

Design/Logic Flaw

Bugzilla 2.20.x before 2.20.5, 2.22.x before 2.22.3, and 3.0.x before 3.0.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files, a different vulnerability than CVE-2011-2977...

2.1 CVSS | 5.7 AI score | 0.00067 EPSS
Exploits 2 | References 2 | Affected Software 1

Cvelist
added 2011/08/09 7:0 p.m. | 22 views

CVE-2011-2977

Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files. NOTE: this issue exists because of a regression in 3...

5.5 AI score | 0.00067 EPSS
Exploits 1 | References 6

Cvelist
added 2011/08/09 7:0 p.m. | 18 views

CVE-2008-7292

Bugzilla 2.20.x before 2.20.5, 2.22.x before 2.22.3, and 3.0.x before 3.0.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files, a different vulnerability than CVE-2011-2977...

5.5 AI score | 0.00057 EPSS
Exploits 2 | References 2

Prion
added 2006/02/25 11:2 a.m. | 12 views

Information disclosure

NOCC Webmail 1.0 allows remote attackers to obtain sensitive information via a direct request to (1) the profiles directory, which leaks e-mail addresses contained in filenames of profiles, and (2) the tmp directory, which lists names of uploaded attachments...

5 CVSS | 6.3 AI score | 0.00622 EPSS
Exploits 1 | References 7 | Affected Software 1

Cvelist
added 2006/02/25 11:0 a.m. | 13 views

CVE-2006-0893

NOCC Webmail 1.0 allows remote attackers to obtain sensitive information via a direct request to (1) the profiles directory, which leaks e-mail addresses contained in filenames of profiles, and (2) the tmp directory, which lists names of uploaded attachments...

6.1 AI score | 0.00622 EPSS
Exploits 1 | References 7