CVE-2026-56446

MISP allowed a site administrator to configure an arbitrary filesystem path for the NDJSON error log used by JsonLogTool. Because log entries can include attacker-controlled content, an authenticated attacker with site administrator privileges could direct log output to a PHP file in a...

CVE-2026-56446

MISP is affected by CVE-2026-56446 where an authenticated site administrator could configure an arbitrary filesystem path for the NDJSON error log via JsonLogTool. Logged data can contain attacker-controlled content, enabling direction of log output to a web-accessible PHP file and potentially in...

Eclipse Jetty ConcatServlet - Information Disclosure

Eclipse Jetty through 9.4.40, through 10.0.2, and through 11.0.2 is susceptible to information disclosure. Requests to the ConcatServlet with a doubly encoded path can access protected resources within the WEB-INF directory, thus enabling an attacker to potentially obtain sensitive information,...

CentralSquare CryWolf - Path Traversal

A traversal vulnerability in GeneralDocs.aspx in CentralSquare CryWolf False Alarm Management through 2024-08-09 allows unauthenticated attackers to read files outside of the working web directory via the rpt parameter, leading to the disclosure of sensitive information. id: CVE-2024-45241 info:...

Web Directory Free < 1.7.3 - Local File Inclusion

The Web Directory Free WordPress plugin before 1.7.3 does not validate a parameter before using it in an include, which could lead to Local File Inclusion issues. id: CVE-2024-3673 info: name: Web Directory Free 1.7.3 - Local File Inclusion author: s4e-io severity: critical description: | The Web...

Web Directory Free < 1.7.0 - SQL Injection

The plugin does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection with different techniques like UNION, Time-Based and Error-Based. id: CVE-2024-3552 info: name: Web Directory Free 1.7.0 - SQL...

CVE-2026-46393 HAXcms createSite SSRF Enables Arbitrary File Read

HAX CMS helps manage microsite universe with PHP or NodeJs backends. An authenticated Server-Side Request Forgery SSRF vulnerability in versions prior to 26.0.0 allows authenticated users to fetch arbitrary internal or local resources and write the responses to a web-accessible directory, enablin...

GHSA-Q862-GCGQ-5M6G HAXcms createSite SSRF Enables Arbitrary File Read

Summary An authenticated Server-Side Request Forgery SSRF vulnerability in HAXcms allows users to fetch arbitrary internal or local resources and write the responses to a web-accessible directory, enabling arbitrary file read and internal network access. Details The createSite endpoint in HAXcms...

HAXcms createSite SSRF Enables Arbitrary File Read

Summary An authenticated Server-Side Request Forgery SSRF vulnerability in HAXcms allows users to fetch arbitrary internal or local resources and write the responses to a web-accessible directory, enabling arbitrary file read and internal network access. Details The createSite endpoint in HAXcms...

PT-2026-41975

Name of the Vulnerable Software and Affected Versions HAX CMS versions prior to 26.0.0 Description An authenticated Server-Side Request Forgery SSRF allows users to fetch arbitrary internal or local resources and write the responses to a web-accessible directory, enabling arbitrary file read and...

EUVD-2026-29487

External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to information disclosure and possible client-side attacks...

CVE-2026-8043

External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to information disclosure and possible client-side attacks...

PT-2026-40040

Name of the Vulnerable Software and Affected Versions Ivanti Xtraction versions prior to 2026.2 Description External control of a file name allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory. This can lead to information disclosure and...

Lulzbuster 2.0.0

Lulzbuster is a multithreaded, very fast and smart HTTPS directory and file bruteforcer written in C on top of libcurl. Given a target URL and a wordlist, it enumerates valid paths by firing concurrent HTTP requests and reporting back the responses that look like real hits i.e. status codes the...

CVE-2026-33647

WWBN AVideo (versions up to 26.0) is affected by a RCE in ImageGallery::saveFile(), where MIME-type validation via finfo passes a polyglot file with a .php extension because the saved filename extension is derived from the user-provided name without an allowlist. An attacker can upload a file wit...

CVE-2026-33647

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the ImageGallery::saveFile method validates uploaded file content using finfo MIME type detection but derives the saved filename extension from the user-supplied original filename without an allowlist check. An...

PT-2026-27169

Name of the Vulnerable Software and Affected Versions AVideo versions up to and including 26.0 Description AVideo is an open source video platform. The ImageGallery::saveFile method validates uploaded file content using finfo MIME type detection but derives the saved filename extension from the...

CVE-2026-28502

WWBN AVideo is an open source video platform. Prior to version 24.0, an authenticated Remote Code Execution RCE vulnerability was identified in AVideo related to the plugin upload/import functionality. The issue allowed an authenticated administrator to upload a specially crafted ZIP archive...

CVE-2026-28502

WWBN AVideo is an open source video platform. Prior to version 24.0, an authenticated Remote Code Execution RCE vulnerability was identified in AVideo related to the plugin upload/import functionality. The issue allowed an authenticated administrator to upload a specially crafted ZIP archive...

CVE-2026-28697

Craft is a content management system CMS. Prior to 4.17.0-beta.1 and 5.9.0-beta.1, an authenticated administrator can achieve Remote Code Execution RCE by injecting a Server-Side Template Injection SSTI payload into Twig template fields e.g., Email Templates. By calling the craft.app.fs.write...