4 matches found
CVE-2026-15138
Technical details beyond the generic description are not publicly available in the provided documents. Monitor for updates on affected components, versions, and remediation.
EUVD-2026-42494
A security vulnerability has been detected in tumf mcp-text-editor up to 1.0.2. This issue affects the function validatefilepath of the file mcptexteditor/texteditor.py. Such manipulation of the argument filepath leads to path traversal. The attack can be launched remotely. The exploit has been...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal in validatefilepath in viewcomponentssystemtestcontroller.rb, which is accessible via the system test entrypoint. An attacker with access to this endpoint, which is mounted in Rails.env.test?, can read files in a...
Eventum Cross-Site Scripting Vulnerability (CNVD-2019-39386)
Eventum is a defect tracking system. The system is used to track inbound technical support, organizational tasks, bugs, etc. A cross-site scripting vulnerability exists in the /htdocs/validate.php file in Eventum version 3.5.0. The vulnerability stems from a lack of proper validation of client-si...