CVE-2026-46551

CVE-2026-46551 affects NocoDB’s v1/v2 attachment API upload-by-url. Before 2026.04.4, the uploadViaURL path did not enforce NC_ATTACHMENT_FIELD_SIZE against the remote content-length or response stream. The HEAD probe read content-length but wasn’t compared to the limit, and storageAdapter.fileCr...

CVE-2026-53473

The CVE affects the migration-planner-ui-app and describes a cross-site scripting (XSS) flaw in which an attacker can register a malicious discovery agent using a crafted credentialUrl containing JavaScript. When an organizational user clicks the link in the UI, the embedded code executes in the ...

CVE-2026-42141 Xibo: Authenticated Server-Side Request Forgery (SSRF) in Library Upload via URL functionality

Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to 4.4.1, an authenticated Server-Side Request Forgery SSRF vulnerability in the Xibo CMS allows users with Library upload permissions to make arbitrary HTTP requests fr...

EUVD-2026-17105

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewcustomers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script o...

SUSE CVE-2026-30247

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.12, the application's "Import document via URL" feature is vulnerable to Server-Side Request Forgery SSRF through HTTP redirects. While the backend implements comprehensive UR...

CVE-2026-24767

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.0, a blind Server-Side Request Forgery SSRF vulnerability exists in the uploadViaURL functionality due to an unprotected HEAD request. While the subsequent file retrieval logic correctly enforces SSRF protections, t...

NocoDB has Blind SSRF via Unvalidated HEAD Request in uploadViaURL Functionality

Summary A blind Server-Side Request Forgery SSRF vulnerability exists in the uploadViaURL functionality due to an unprotected HEAD request. While the subsequent file retrieval logic correctly enforces SSRF protections, the initial metadata request executes without validation. This allows limited...

CVE-2026-24767 NocoDB has Blind SSRF via Unvalidated HEAD Request in uploadViaURL Functionality

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.0, a blind Server-Side Request Forgery SSRF vulnerability exists in the uploadViaURL functionality due to an unprotected HEAD request. While the subsequent file retrieval logic correctly enforces SSRF protections, t...

CVE-2026-24767

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.0, a blind Server-Side Request Forgery SSRF vulnerability exists in the uploadViaURL functionality due to an unprotected HEAD request. While the subsequent file retrieval logic correctly enforces SSRF protections, t...

CVE-2026-24767 NocoDB has Blind SSRF via Unvalidated HEAD Request in uploadViaURL Functionality

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.0, a blind Server-Side Request Forgery SSRF vulnerability exists in the uploadViaURL functionality due to an unprotected HEAD request. While the subsequent file retrieval logic correctly enforces SSRF protections, t...

NocoDB code-related vulnerabilities

NocoDB is an open-source alternative to Airtable. It converts any MySQL, PostgreSQL, SQL Server, SQLite, and MariaDB databases into intelligent spreadsheets. Versions of NocoDB prior to 0.301.0 have code vulnerabilities; these vulnerabilities stem from a blind server-side request forgeing...

EUVD-2025-201372

The Featured Image via URL plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation function in all versions up to, and including, 0.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload arbitrary files on...

CVE-2025-43749

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows unauthenticated users guests to access via URL files...

CVE-2024-24013

A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass crafted offset, limit, and sort parameters to perform SQL injection via /novel/pay/list...

CVE-2023-48244

The vulnerability allows a remote attacker to inject and execute arbitrary client-side script code inside a victim’s session via a crafted URL or HTTP request...

CVE-2019-16317

In Pimcore before 5.7.1, an attacker with limited privileges can trigger execution of a .phar file via a phar:// URL in a filename parameter, because PHAR uploads are not blocked and are reachable within the phar://../../../../../../../../var/www/html/web/var/assets/ directory, a different...

CVE-2019-18955

The web console in Lansweeper 7.2.105.2 has XSS via the URL path. Product vulnerability has been fixed and disclosed within changelog as of 02 Dec 2019...

ewgaddis.lab6 Directory Traversal Vulnerability

ewgaddis.lab6 is a file server. A directory traversal vulnerability exists in ewgaddis.lab6. An attacker can exploit this vulnerability by placing "... /" in a URL to access the file system...