33225 matches found
Admidio has an HTMLPurifier Bypass in eCard Message Allows HTML Email Injection
Summary The eCard send handler in Admidio uses the raw $POST'ecardmessage' value instead of the HTMLPurifier-sanitized $formValues'ecardmessage' when constructing the greeting card HTML. This allows an authenticated attacker to inject arbitrary HTML and JavaScript into greeting card emails sent t...
Admidio is Missing Authorization and CSRF Protection on Document and Folder Deletion
Summary The documents and files module in Admidio does not verify whether the current user has permission to delete folders or files. The folderdelete and filedelete action handlers in modules/documents-files.php only perform a VIEW authorization check getFolderForDownload / getFileForDownload...
Admidio Vulnerable to SSRF and Local File Read via Unrestricted URL Fetch in SSO Metadata Endpoint
Summary The SSO metadata fetch endpoint at modules/sso/fetchmetadata.php accepts an arbitrary URL via $GET'url', validates it only with PHP's FILTERVALIDATEURL, and passes it directly to filegetcontents. FILTERVALIDATEURL accepts file://, http://, ftp://, data://, and php:// scheme URIs. An...
Admidio is Missing CSRF Protection on Role Membership Date Changes
Summary The savemembership action in modules/profile/profilefunction.php saves changes to a member's role membership start and end dates but does not validate the CSRF token. The handler checks stopmembership and removeformermembership against the CSRF token but omits savemembership from that...
Admidio is Missing CSRF Validation on Role Delete, Activate, and Deactivate Actions
Summary The delete, activate, and deactivate modes in modules/groups-roles/groupsroles.php perform destructive state changes on organizational roles but never validate an anti-CSRF token. The client-side UI passes a CSRF token to callUrlHideElement, which includes it in the POST body, but the...
File Upload(RCE) Vulnerability in admidio
Summary A critical unrestricted file upload vulnerability exists in the Documents & Files module of Admidio. Due to a design flaw in how CSRF token validation and file extension verification interact within UploadHandlerFile.php, an authenticated user with upload permissions can bypass file...
Loop with Unreachable Exit Condition ('Infinite Loop') in ewe
Summary ewe's handletrailers function contains a bug where rejected trailer headers forbidden or undeclared cause an infinite loop. The function recurses with the original unparsed buffer instead of advancing past the rejected header, re-parsing the same header forever. Each malicious request...
Permissive List of Allowed Inputs in ewe
Summary ewe's chunked transfer encoding trailer handling merges declared trailer fields into req.headers after body parsing, but the denylist only blocks 9 header names. Security-sensitive headers like authorization, cookie, and x-forwarded-for can be injected or overwritten by a malicious client...
lz4_flex's decompression can leak information from uninitialized memory or reused output buffer
Summary Decompressing invalid LZ4 data can leak data from uninitialized memory, or can leak content from previous decompression operations when reusing an output buffer. Details The LZ4 block format defines a "match copy operation" which duplicates previously written data or data from the...
Kargo Vulnerable to SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data Exfiltration
Summary Kargo's built-in http and http-download promotion steps execute outbound HTTP requests from the Kargo controller. By design, these steps do not restrict destination addresses, as there are legitimate use cases for requests to internal and private endpoints. However, this also permits...
Fullchain's Invalid NetworkPolicy enables a malicious actor to pivot into another namespace
Impact Due to a mis-written NetworkPolicy, a malicious actor can pivot from a subverted application to any Pod out of the origin namespace. This breaks the security-by-default property expected as part of the deployment program, leading to a potential lateral movement. Patch Removing the inter-ns...
Romeo is vulnerable to Archive Slip due to missing checks in sanitization
Summary The sanitizeArchivePath function in webserver/api/v1/decoder.go lines 80-88 is vulnerable to a path traversal bypass due to a missing trailing path separator in the strings.HasPrefix check. A crafted tar archive can write files outside the intended destination directory. Vulnerable Code...
Monitoring is vulnerable to Archive Slip due to missing checks in sanitization
The sanitizeArchivePath function in pkg/extract/extract.go lines 248–254 is vulnerable to a path traversal bypass due to a missing trailing path separator in the strings.HasPrefix check. A crafted tar archive can write files outside the intended destination directory when using the extractor CLI...
Romeo's invalid NetworkPolicy enables a malicious actor to pivot into another namespace
Impact Due to a mis-written NetworkPolicy, a malicious actor can pivot from the "hardened" namespace to any Pod out of it. This breaks the security-by-default property expected as part of the deployment program, leading to a potential lateral movement. Patch Removing the inter-ns NetworkPolicy...
Chall-Manager's invalid NetworkPolicy enables a malicious actor to pivot into another namespace
Impact Due to a mis-written NetworkPolicy, a malicious actor can pivot from an instance to any Pod out of the origin namespace. This breaks the security-by-default property expected as part of the deployment program, leading to a potential lateral movement. In the specific case of...
File Browser has an Access Rule Bypass via Path Traversal in Copy/Rename Destination Parameter
Description The resourcePatchHandler in http/resource.go validates the destination path against configured access rules before the path is cleaned/normalized. The rules engine rules/rules.go uses literal string prefix matching strings.HasPrefix or regex matching against the raw path. The actual...
SiYuan: Authorization Bypass Allows Arbitrary SQL Execution via Search API
Summary SiYuan Note v3.6.0 and likely prior versions contains an authorization bypass vulnerability in the /api/search/fullTextSearchBlock endpoint. When the method parameter is set to 2, the endpoint passes user-supplied input directly as a raw SQL statement to the underlying SQLite database...
File Browser Signup Grants Admin When Default Permissions Include Admin
Summary Any unauthenticated visitor can register a full administrator account when self-registration signup = true is enabled and the default user permissions have perm.admin = true. The signup handler blindly applies all default settings - including Perm.Admin - to the new user without any...
SiYuan Vulnerable to Remote Code Execution via Malicious Bazaar Package — Marketplace XSS
Remote Code Execution via Malicious Bazaar Package — Marketplace XSS Summary SiYuan's Bazaar community marketplace renders plugin/theme/template metadata and README content without sanitization. A malicious package author can achieve RCE on any user who browses the Bazaar by: 1. Package metadata...
File Browser TUS Negative Upload-Length Fires Post-Upload Hooks Prematurely
!NOTE This feature has been disabled by default for all installations from v2.33.8 onwards, including for existent installations. To exploit this vulnerability, the instance administrator must turn on a feature and ignore all the warnings about known vulnerabilities. We're publishing this new...
OpenClaw session transcript files were created without forced user-only permissions
openclaw created new session transcript JSONL files with overly broad default permissions in affected releases. On multi-user hosts, other local users or processes could read transcript contents, including secrets that might appear in tool output. Affected Packages / Versions - Package: openclaw...
OpneClaw accepts unsanitized iMessage attachment paths which allowed SCP remote-path command injection
Summary openclaw versions :. In affected releases, the remote host was normalized but the remote attachment path was not validated for shell metacharacters before being passed to the SCP remote operand. A sender-controlled iMessage attachment filename containing shell metacharacters could therefo...
OpenClaw Telegram webhook request bodies were read before secret validation, enabling unauthenticated resource exhaustion
Summary openclaw versions = 2026.3.12 read and buffered Telegram webhook request bodies before validating x-telegram-bot-api-secret-token. This let unauthenticated callers force up to the configured webhook body limit of pre-auth body I/O and JSON parse work per request. Affected Packages /...
OpenClaw bootstrap setup codes could be replayed to escalate pending pairing scopes before approval
Summary openclaw versions = 2026.3.12 allowed bootstrap setup codes to be replayed before approval, which could widen the scopes on a pending device pairing request. Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.3.12 - Fixed version: 2026.3.13 Details The...
OpenClaw Telegram media fetch errors exposed bot tokens in logged file URLs
Summary openclaw versions /..., so the resulting error strings could leak bot tokens into logs, console output, or any downstream error surface that rendered the exception text. This issue is in scope under OpenClaw's trust model because the leaked secret is an OpenClaw-operated integration...
SiYuan Vulnerable to Remote Code Execution via Stored XSS in Notebook Name - Mobile Interface
Remote Code Execution via Stored XSS in Notebook Name - Mobile Interface Summary SiYuan's mobile file tree MobileFiles.ts renders notebook names via innerHTML without HTML escaping when processing renamenotebook WebSocket events. The desktop version Files.ts properly uses escapeHtml for the same...
SiYuan importStdMd: unvalidated localPath imports arbitrary host directories as persistent notes
Summary POST /api/import/importStdMd passes the localPath parameter directly to model.ImportFromLocalPath with zero path validation. The function recursively reads every file under the given path and permanently stores their content as SiYuan note documents in the workspace database, making them...
SiYuan importSY/importZipMd: path traversal via multipart filename enables arbitrary file write
Summary POST /api/import/importSY and POST /api/import/importZipMd write uploaded archives to a path derived from the multipart filename field without sanitization, allowing an admin to write files to arbitrary locations outside the temp directory - including system paths that enable RCE. Details...
SiYuan Vulnerable to Cross-Origin WebSocket Hijacking via Authentication Bypass — Unauthenticated Information Disclosure
Cross-Origin WebSocket Hijacking via Authentication Bypass — Unauthenticated Information Disclosure Summary SiYuan's WebSocket endpoint /ws allows unauthenticated connections when specific URL parameters are provided ?app=siyuan&id=auth&type=auth. This bypass, intended for the login page to keep...
SiYuan globalCopyFiles: incomplete sensitive path blocklist allows reading /proc and Docker secrets
Summary POST /api/file/globalCopyFiles reads source files using filepath.Abs with no workspace boundary check, relying solely on util.IsSensitivePath whose blocklist omits /proc/, /run/secrets/, and home directory dotfiles. An admin can copy /proc/1/environ or Docker secrets into the workspace an...
Parse Server has a stored XSS filter bypass via Content-Type MIME parameter and missing XML extension blocklist entries
Impact An attacker who is allowed to upload files can bypass the file extension filter by appending a MIME parameter e.g. ;charset=utf-8 to the Content-Type header. This causes the extension validation to fail matching against the blocklist, allowing active content to be stored and served under t...
Azure Blob Storage for Craft CMS Potential Sensitive Information Disclosure vulnerability
Unauthenticated users can view a list of buckets the plugin has access to. The DefaultController-actionLoadContainerData endpoint allows unauthenticated users with a valid CSRF token to view a list of buckets that the plugin is allowed to see. Because Azure can return sensitive data in error...
Craft CMS Vulnerable to Privilege Escalation/Bypass through UsersController->actionImpersonateWithToken()
Summary A low-privilege user or an unauthenticated user who has been sent a shared URL can escalate their privileges to admin by abusing UsersController-actionImpersonateWithToken. Affected users should update to Craft 4.17.6 and 5.9.12 to mitigate the issue. Details This vulnerability allows any...
GoBGP vulnerable to a denial of service via the NEXT_HOP path attribute
An issue in GoBGP gobgpd v.4.2.0 allows a remote attacker to cause a denial of service via the NEXTHOP path attribute...
Google Cloud Storage for Craft CMS has an Information Disclosure Vulnerability
Unauthenticated users can view a list of buckets the plugin has access to. The DefaultController-actionLoadBucketData endpoint allows unauthenticated users with a valid CSRF token to view a list of buckets that the plugin is allowed to see. Users should update to version 2.2.1 of the plugin to...
Amazon S3 for Craft CMS has an Information Disclosure vulnerability
Unauthenticated users can view a list of buckets the plugin has access to. The BucketsController-actionLoadBucketData endpoint allows unauthenticated users with a valid CSRF token to view a list of buckets that the plugin is allowed to see. Users should update to version 2.2.5 of the plugin to...
Craft CMS vulnerable to behavior injection RCE ElementIndexesController and FieldsController
The fix for https://github.com/advisories/GHSA-7jx7-3846-m7w7 commit https://github.com/craftcms/cms/commit/395c64f0b80b507be1c862a2ec942eaacb353748 only patched src/services/Fields.php, but the same vulnerable pattern exists in ElementIndexesController and FieldsController. You need Craft contro...
Craft CMS vulnerable to behavior injection RCE via EntryTypesController
The fix for GHSA-7jx7-3846-m7w7 commit 395c64f0b80b507be1c862a2ec942eaacb353748 only patched src/services/Fields.php, but the same vulnerable pattern exists in EntryTypesController::actionApplyOverrideSettings. In src/controllers/EntryTypesController.php lines 381-387: php $settingsStr =...
Craft CMS has a Path Traversal Vulnerability in AssetsController
The AssetsController-replaceFile method has a targetFilename body parameter that is used unsanitized in a deleteFile call before Assets::prepareAssetName is applied on save. This allows an authenticated user with replaceFiles permission to delete arbitrary files within the same filesystem root by...
RCE via SSTI for users with permissions to access the Craft CMS Webhooks plugin
The Webhooks plugin renders user-supplied template content through Twig’s renderString function without sandbox protection. This allows an authenticated user with access to the Craft control panel and permissions to access the Webhooks plugin to inject Twig template code that calls arbitrary PHP...
SandboxJS has an execution-quota bypass (cross-sandbox currentTicks race) in SandboxJS timers
Summary Assumed repo path is /Users/zwique/Downloads/SandboxJS-0.8.34 no /Users/zwique/Downloads/SandboxJS found. A global tick state currentTicks.current is shared between sandboxes. Timer string handlers are compiled at execution time using that global tick state rather than the scheduling...
Stored XSS in Memray-generated HTML reports via unescaped command-line metadata
Summary Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports without escaping. Because there was no escaping, attacker-controlled command line arguments were inserted as raw HTML into the generated report. This allowed JavaScript...
XSS in @leanprover/unicode-input-component
Impact Projects that use @leanprover/unicode-input-component are vulnerable to an XSS exploit in 0.1.9 of the package and lower. The component re-inserted text in the input element back into the input element as unescaped HTML. Patches The issue has been resolved in 0.2.0. Workarounds Replace the...
StudioCMS REST getUsers Exposes Owner Account Records to Admin Tokens
Summary The REST API getUsers endpoint in StudioCMS uses the attacker-controlled rank query parameter to decide whether owner accounts should be filtered from the result set. As a result, an admin token can request rank=owner and receive owner account records, including IDs, usernames, display...
Glances Central Browser Autodiscovery Leaks Reusable Credentials to Zeroconf-Spoofed Servers
Summary In Central Browser mode, Glances stores both the Zeroconf-advertised server name and the discovered IP address for dynamic servers, but later builds connection URIs from the untrusted advertised name instead of the discovered IP. When a dynamic server reports itself as protected, Glances...
Glances's Browser API Exposes Reusable Downstream Credentials via `/api/4/serverslist`
Summary In Central Browser mode, the /api/4/serverslist endpoint returns raw server objects from GlancesServersList.getserverslist. Those objects are mutated in-place during background polling and can contain a uri field with embedded HTTP Basic credentials for downstream Glances servers, using t...
Glances's REST/WebUI Lacks Host Validation and Remains Exposed to DNS Rebinding
Summary Glances recently added DNS rebinding protection for the MCP endpoint, but the main REST/WebUI FastAPI application still accepts arbitrary Host headers and does not apply TrustedHostMiddleware or an equivalent host allowlist. As a result, the REST API, WebUI, and token endpoint remain...
Glances has a SQL Injection in DuckDB Export via Unparameterized DDL Statements
Summary The GHSA-x46r fix commit 39161f0 addressed SQL injection in the TimescaleDB export module by converting all SQL operations to use parameterized queries and psycopg.sql composable objects. However, the DuckDB export module glances/exports/glancesduckdb/init.py was not included in this fix...
Glances's Default CORS Configuration Allows Cross-Origin Credential Theft
Summary The Glances REST API web server ships with a default CORS configuration that sets alloworigins="" combined with allowcredentials=True. When both of these options are enabled together, Starlette's CORSMiddleware reflects the requesting Origin header value in the Access-Control-Allow-Origin...
Glances has Incomplete Secrets Redaction: /api/v4/args Endpoint Leaks Password Hash and SNMP Credentials
Summary The GHSA-gh4x fix commit 5d3de60 addressed unauthenticated configuration secrets exposure on the /api/v4/config endpoints by introducing asdictsecure redaction. However, the /api/v4/args and /api/v4/args/item endpoints were not addressed by this fix. These endpoints return the complete...