5 matches found
Exploit for CVE-2026-48908
CVE-2026-48908 — SP Page Builder Unauthenticated RCE SP Pag...
CVE-2026-32612 Statamic: privilege escalation via stored cross-site scripting
Statamic is a Laravel and Git powered content management system CMS. Prior to 6.6.2, stored XSS in the control panel color mode preference allows authenticated users with control panel access to inject malicious JavaScript that executes when a higher-privileged user impersonates their account. Th...
PT-2026-25092
Statamic is a Laravel and Git powered content management system CMS. Prior to 6.6.2, stored XSS in the control panel color mode preference allows authenticated users with control panel access to inject malicious JavaScript that executes when a higher-privileged user impersonates their account. Th...
PT-2025-46220
PacsOne Server version 6.6.2 prior versions are likely affected contains a directory traversal vulnerability within the web-based DICOM viewer component. Successful exploitation allows a remote unauthenticated attacker to read arbitrary files via the 'nocache.php' endpoint with a crafted 'path'...
In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly (wasm). (Earlier and later versions are unaffected.)
...