Lucene search
K

15 matches found

OSV
OSV
added 2026/06/30 10:8 p.m.4 views

CVE-2026-56700 Grav - Multiple Remote Code Execution Vulnerabilities via Unsafe Unserialize and Command Injection

Grav CMS before 2.0.0-beta.2 contains multiple code-execution vulnerabilities. Three unsafe unserialize calls - in Scheduler\JobQueue, Framework\Cache\Adapter\FileCache, and Session - deserialize untrusted data without restricting allowed classes, enabling PHP object injection and, via a gadget...

9.3CVSS6.5AI score0.01683EPSS
Exploits0References4
OSV
OSV
added 2026/05/11 3:24 p.m.4 views

CVE-2026-42613 Grav: Privilege Escalation via Missing Server-Side Validation of groups/access

Grav is a file-based Web platform. Prior to 2.0.0-beta.2, the Login::register method in the Login plugin accepts attacker-controlled groups and access fields from the registration POST data without server-side validation. When registration is enabled and groups or access are included in the...

9.4CVSS6AI score0.00939EPSS
Exploits0References5
OSV
OSV
added 2026/05/11 2:52 p.m.3 views

CVE-2026-42841 Grav: Stored XSS via Markdown media attribute() action in Grav CMS

Grav is a file-based Web platform. Prior to 2.0.0-beta.2, an authenticated user with page editing permissions can inject an executable JavaScript event-handler attribute into rendered image HTML through Grav's Markdown media action syntax. The issue is caused by Markdown image query parameters...

6.9CVSS6AI score0.00397EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/04/10 7:43 p.m.5 views

CVE-2026-40188

goshs is a SimpleHTTPServer written in Go. From 1.0.7 to before 2.0.0-beta.4, the SFTP command rename sanitizes only the source path and not the destination, so it is possible to write outside of the root directory of the SFTP. This vulnerability is fixed in 2.0.0-beta.4...

7.7CVSS5.8AI score0.00318EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.7 views

PT-2026-32038

Name of the Vulnerable Software and Affected Versions: goshs versions 1.0.7 through 2.0.0-beta.4 Description: goshs is a SimpleHTTPServer written in Go. The SFTP command rename sanitizes only the source path and not the destination, allowing a write outside of the root directory of the SFTP. This...

7.7CVSS6.4AI score0.00318EPSS
Exploits1References14
Cvelist
Cvelist
added 2026/04/06 8:50 p.m.19 views

CVE-2026-35393 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs POST multipart upload

goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.3, the POST multipart upload directory not sanitized. This vulnerability is fixed in 2.0.0-beta.3...

9.8CVSS0.00683EPSS
Exploits1References1
OSV
OSV
added 2026/04/06 8:48 p.m.2 views

CVE-2026-35392 goshs has an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs PUT Upload

goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.3, PUT upload in httpserver/updown.go has no path sanitization. This vulnerability is fixed in 2.0.0-beta.3...

9.8CVSS7.2AI score0.00683EPSS
Exploits1References3
NVD
NVD
added 2026/04/02 7:21 p.m.13 views

CVE-2026-34581

goshs is a SimpleHTTPServer written in Go. From version 1.1.0 to before version 2.0.0-beta.2, when using the Share Token it is possible to bypass the limited selected file download with all the gosh functionalities, including code exec. This issue has been patched in version 2.0.0-beta.2...

8.1CVSS0.00392EPSS
Exploits1References3
Snyk
Snyk
added 2025/11/05 7:52 p.m.2 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the Organization V2Beta API endpoints. An attacker can access and modify data belonging to other organizations by bypassing authorization checks with administrator privileges for a...

8.8CVSS6.9AI score0.00276EPSS
Exploits0References2
Snyk
Snyk
added 2025/11/05 7:52 p.m.3 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the Organization V2Beta API endpoints. An attacker can access and modify data belonging to other organizations by bypassing authorization checks with administrator privileges for a...

8.8CVSS6.9AI score0.00276EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/08 10:2 a.m.11 views

CVE-2019-25225

sanitize-html prior to version 2.0.0-beta is vulnerable to Cross-site Scripting XSS. The sanitizeHtml function in index.js does not sanitize content when using the custom transformTags option, which is intended to convert attribute values into text. As a result, malicious input can be transformed...

6.1CVSS0.00251EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/09/08 12:0 a.m.4 views

PT-2025-36452

Name of the Vulnerable Software and Affected Versions: sanitize-html versions prior to 2.0.0-beta Description: The sanitizeHtml function in index.js does not sanitize content when using the custom transformTags option, which is intended to convert attribute values into text. This allows malicious...

6.1CVSS5.1AI score0.00251EPSS
Exploits1References13
CNNVD
CNNVD
added 2024/12/27 12:0 a.m.6 views

Dcat Admin 安全漏洞

Dcat Admin is a backend system builder based on the secondary development of laravel-admin by Jiang Qinghua. A security vulnerability exists in Dcat Admin v2.2.0-beta and v2.2.2-beta, which was discovered to contain a cross-site scripting vulnerability via /admin/auth/menu and...

4.8CVSS6AI score0.00264EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/09/04 12:0 a.m.5 views

ABCD2 跨站脚本漏洞

ABCD2 is an ABCD open source software suite for library and documentation center automation. A cross-site scripting vulnerability exists in ABCD2 2.2.0-beta-1 and earlier versions, which stems from some unknown handling of the file /buscarintegrada.php, where manipulation of the parameter...

5.3CVSS4.3AI score0.0049EPSS
Exploits1References5
CNVD
CNVD
added 2017/09/07 12:0 a.m.4 views

FreeRDP Denial of Service Vulnerability (CNVD-2017-25707)

FreeRDP is a free, open source implementation of the Remote Desktop Protocol RDP developed by the FreeRDP team. A denial of service vulnerability exists in FreeRDP version 2.0.0-beta1+android11. A remote attacker can exploit this vulnerability to cause a denial of service with the help of special...

6.5CVSS6.9AI score0.01569EPSS
Exploits1References1
Rows per page
Query Builder