Lucene search
K

288 matches found

NVD
NVD
added 2026/07/07 9:17 p.m.6 views

CVE-2026-50007

Actual is an open-source personal finance application. Prior to 26.7.0, a missing authorization issue allows a shared user with useraccess on a budget file to perform owner-only file management actions. A non-owner shared user can call file-management endpoints intended for higher-privilege users...

7.2CVSS0.00246EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/07 8:53 p.m.33 views

CVE-2026-50007 Actual: Shared users can perform owner-only file management actions

Actual is an open-source personal finance application. Prior to 26.7.0, a missing authorization issue allows a shared user with useraccess on a budget file to perform owner-only file management actions. A non-owner shared user can call file-management endpoints intended for higher-privilege users...

7.2CVSS0.00246EPSS
Exploits0References5
OSV
OSV
added 2026/07/07 4:3 p.m.15 views

PYSEC-2026-1802 pretix has Broken Access Control Allowing Cross-User File Access via UUID

An API endpoint allowed access to sensitive files from other users by knowing the UUID of the file that were not intended to be accessible by UUID only...

7CVSS5.9AI score0.00226EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.6 views

PT-2026-56243

Name of the Vulnerable Software and Affected Versions Actual versions prior to 26.7.0 Description A missing authorization issue allows a shared user with user access on a budget file to perform file management actions reserved for the owner or an administrator. This occurs because the...

7.2CVSS6.1AI score0.00246EPSS
Exploits0References10
AlpineLinux
AlpineLinux
added 2026/06/25 3:24 p.m.8 views

CVE-2026-48944

The K2 frontend article-save handler accepts an attachmentNexisting POST field that is concatenated with JPATHSITE/ and passed to JFile::copy. JPath::clean does NOT strip .., and there is no allow-list of source paths. An Author can therefore copy configuration.php or any other file readable by t...

6.5CVSS5.8AI score0.00295EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 4:49 p.m.49 views

CVE-2026-54009 Open WebUI: Cross-user file disclosure via /api/chat/completions image_url field

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, POST /api/chat/completions accepts an imageurl.url value that, when it does NOT start with http://, https://, or data:image/, is interpreted as a file id and resolved against the...

6.5CVSS0.00225EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/07 8:59 a.m.18 views

CVE-2026-7565

The LearnPress – Backup & Migration Tool plugin for WordPress is vulnerable to Arbitrary File Read via Directory Traversal in all versions up to, and including, 4.1.4 via the 'import-user-file' parameter parameter. This makes it possible for authenticated attackers, with administrator-level acces...

4.9CVSS5.6AI score0.00646EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/06 2:28 a.m.12 views

EUVD-2026-34946

The LearnPress – Backup & Migration Tool plugin for WordPress is vulnerable to Arbitrary File Read via Directory Traversal in all versions up to, and including, 4.1.4 via the 'import-user-file' parameter parameter. This makes it possible for authenticated attackers, with administrator-level acces...

4.9CVSS5.6AI score0.00646EPSS
Exploits0References8
CVE
CVE
added 2026/06/06 2:28 a.m.29 views

CVE-2026-7565

CVE-2026-7565 affects LearnPress – Backup & Migration Tool for WordPress. All versions up to 4.1.4 are vulnerable to an Arbitrary File Read via Directory Traversal through the import-user-file parameter. Exploitation requires authenticated access at Administrator level or higher, allowing reading...

4.9CVSS5.6AI score0.00646EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/06 2:28 a.m.42 views

CVE-2026-7565 LearnPress <= 4.1.4 - Authenticated (Administrator+) Path Traversal to Arbitrary File Read via 'import-user-file' Parameter

The LearnPress – Backup & Migration Tool plugin for WordPress is vulnerable to Arbitrary File Read via Directory Traversal in all versions up to, and including, 4.1.4 via the 'import-user-file' parameter parameter. This makes it possible for authenticated attackers, with administrator-level acces...

4.9CVSS0.00646EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/06 12:0 a.m.19 views

PT-2026-47128

Name of the Vulnerable Software and Affected Versions LearnPress – Backup & Migration Tool versions prior to 4.1.5 Description The plugin is susceptible to arbitrary file read through directory traversal, a technique that allows access to files and directories outside the intended folder...

4.9CVSS5.6AI score0.00646EPSS
Exploits0References12
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.11 views

WordPress plugin LearnPress – Backup & Migration Tool 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.9CVSS5.4AI score0.00646EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.8 views

CVE-2026-7103

A vulnerability was determined in code-projects Chat System 1.0. Affected is an unknown function of the file updateuser.php of the component MD5 Hash Handler. This manipulation of the argument Password causes use of weak hash. The attack is possible to be carried out remotely. The attack's...

6.3CVSS4.7AI score0.00188EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.10 views

CVE-2026-10809

A security flaw has been discovered in itsourcecode Fees Management System 1.0. This impacts an unknown function of the file /manageuser.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be...

6.5CVSS6.5AI score0.002EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:45 p.m.12 views

CVE-2026-37602

SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/user/manageuser.php...

2.7CVSS5.7AI score0.0019EPSS
Exploits0References1
OSV
OSV
added 2026/05/27 2:35 p.m.3 views

CVE-2026-9712 Insecure direct object reference

When creating an export through the pretix API, API clients are returned an UUID value for their export job a long, random string like 35742818-c375-4d15-839f-d49aecce94d6. Using this UUID, the API client can then request the actual file for download. The same kind of UUID is used in other places...

7CVSS6AI score0.00219EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.20 views

PT-2026-43432

A vulnerability has been found in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /manage user.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be...

7.5CVSS6.8AI score0.00254EPSS
Exploits0References6
Snyk
Snyk
added 2026/05/18 5:27 p.m.12 views

Use of a Broken or Risky Cryptographic Algorithm

Overview sulu/sulu is a highly extensible open-source PHP content management system based on the Symfony framework. Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm due to the use of a weak cryptographical hash algorithm in the User.php and...

6.9CVSS5.8AI score0.00193EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/18 12:0 a.m.16 views

PT-2026-41793

Name of the Vulnerable Software and Affected Versions Sulu versions prior to 2.6.23 Sulu versions prior to 3.0.6 Description Sulu is an open-source PHP content management system based on the Symfony framework. The generation of API keys and password reset tokens utilizes a weak cryptographical ha...

6.9CVSS5.8AI score0.00193EPSS
Exploits0References6
NVD
NVD
added 2026/05/02 10:16 a.m.4 views

CVE-2026-7612

A vulnerability was determined in itsourcecode Courier Management System 1.0. Affected is an unknown function of the file /edituser.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may ...

5.8CVSS0.00206EPSS
Exploits0References5
Rows per page
Query Builder