33255 matches found
FacturaScripts: Account takeover of any 2FA-enabled user
Authentication bypass in FacturaScripts: /login?action=two-factor-validation accepts brute-forceable TOTP without password or CSRF protection Summary Core/Controller/Login.php::twoFactorValidationAction accepts an unauthenticated POST containing only fsNick and fsTwoFactorCode. If the TOTP value...
DIRAC: SQL injection and lack of access control in PilotManager service
Details A number of the functions in PilotManager pass parameters directly through to the database layer, which then does not do any escaping on the parameters. For example setPilotStatus:...
DIRAC: Pilot code downloaded over unverified HTTPS connection
Summary The second stage pilot pilot.tar is downloaded by the initial wrapper script without any verification of the webservers' SSL certificate and the contained script is subsequently executed. The checksum is tested, but the reference checksum file is downloaded over the same unvalidated...
DIRAC is vulnerable to RCE in FileCatalog DatasetManager via SQL injection + eval
Summary The FileCatalog DatasetManager runs a query on the database and passes the result to eval. The SQL query contains an injection vulnerability which allows an authenticated user to control the parameter returned to the eval resulting in remote code execution. Details The FileCatalog...
Apollo ConfigService access key authentication bypass via raw config file appId parsing
Summary Apollo ConfigService may allow unauthorized access to raw configuration data when AccessKey / management key authentication is enabled because authentication parsed the appId incorrectly for the raw config file endpoint. Details Requests under /configfiles/raw/appId/clusterName/namespace...
Apollo ConfigService access key authentication bypass via appId parsing and non-canonical matching
Summary Apollo ConfigService may allow unauthorized access to configuration data when AccessKey / management key authentication is enabled and ConfigService accepts a non-canonical appId variant during authentication while downstream request handling resolves it to the protected app. Details...
NukeViet: Pre-authentication SSRF via X-Forwarded-Host
Summary An unauthenticated attacker can coerce the server into issuing HTTP requests to an attacker-chosen host by spoofing the X Forwarded-Host and X-Forwarded-Proto request headers. The forwarded host is used, without validation, to build the URL that serverinfoupdate fetches with cURL, resulti...
NukeViet: Path Traversal to Arbitrary File Deletion in Edit Comment Function
Summary Path Traversal to Arbitrary File Deletion in the Edit Comment admin function. An authenticated administrator can delete arbitrary files within the application root e.g., config.php by injecting a crafted attach parameter, rendering the application inoperable. Affected Component...
NukeViet: Multiple Anti-XSS Filter Bypasses Leading to Stored XSS in News Module
Summary Two filter-bypass techniques in NukeViet\Core\Request::filterAttr and NukeViet\Core\Request::unhtmlentities allow a low-privileged user any account with news post permission to store and serve arbitrary JavaScript to any visitor of the affected page. Affected Component...
NukeViet: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary A stored cross-site scripting XSS vulnerability exists in NukeViet CMS versions 4.x through 4.5.08. A low-privileged authenticated user can store a JavaScript payload in their profile's display name fields. The payload executes in the browser of any visitor — including administrators — wh...
NukeViet: Unauthenticated Reflected XSS in Comment Module
Summary Reflected XSS in the Comment module via the statuscomment URL parameter. The parameter accepts attacker-controlled base64-encoded HTML/JavaScript that is decoded server-side and rendered unescaped into the page. Compounded by a second flaw: the checkss anti-forgery token was derived from ...
DIRAC is vulnerable to RCE in RequestManager due to eval on untrusted input
Summary An remote code execution vulnerability exists in RequestManager due to the use of eval on untrusted input that allows any authenticated user to run code/commands on the DIRAC server as the system user running the DIRAC services. Details The exportgetRequestCountersWeb function is callable...
Decidim: Push subscriptions can be abused for server-side requests
Description The push-subscription endpoint stores an attacker-controlled delivery URL, and the notification send path becomes an outbound-request sink when VAPID delivery is enabled. The practical result is an authenticated, stored, mostly blind SSRF primitive to arbitrary HTTPS endpoints reachab...
Decidim: HTML content blocks allow stored script execution
Description A privileged admin user who can edit an affected landing page can store arbitrary HTML/JavaScript in an HTML block, and the public page renders it with htmlsafe and no output escaping. Technical description This issue lets any admin who can edit an affected landing page store arbitrar...
Decidim: CSV census record endpoints improper authorization
Description A participant manager can access and modify the CSV census record admin forms. Technical description The CSV census admin record-management surface under /admin/csvcensus/censuslogs does not enforce admin-only authorization before rendering or mutating Decidim::Verifications::CsvDatum...
Decidim: JWT-backed authentication can be replayed across organizations
Description A JWT issued to an Org 1 account is accepted on the Org 2 API and can read the admin-only GraphQL participantDetails field for an Org 2 participant. The same trust-boundary problem also affects API-user authentication: an Org 1 API user can use a JWT on the Org 1 host and replay that...
Decidim: Verification documents can be downloaded through reusable links
Description Scanned identity-document images provided by participants and shown in the verification admin workflow are exposed through signed /rails/activestorage/disk/ URLs that can be fetched without any authenticated session. Anyone who obtains one of those URLs can retrieve the document until...
Decidim: Private exports can be downloaded through reusable links
Description The normal downloadyourdata flow requires the requester to be logged in as the export owner, but the resulting Active Storage blob redirect URL can be replayed without authentication by anyone who obtains it. Technical description This private export flow turns an authenticated,...
Decidim: Admin user search allows SQL injection through similarity-based sorting
The admin organization user search uses the untrusted term value inside raw SQL ORDER BY expressions. Because the value is interpolated before Rails sanitization is applied, a crafted search string is executed by PostgreSQL as part of the sort expression. Technical description The vulnerable...
Decidim: Verification admins can access supplied IDs from other organizations
Description The verification admin mutation flow allows accessing, verifying, and rejecting participants records from another tenant. Technical description The verification admin controllers loads pendingauthorizationid with a raw Authorization.find... and then authorizes the record without...
Decidim: Forms admin question editor lacks authorization
Description A participant can load the demographics questionnaire admin editor and make changes. Technical description The demographics questionnaire editor should require admin access, but the route under /admin/demographics/questions renders the editor interface without checking whether the...
Apollo Portal: There is a risk of unauthorized access to the Apollo configuration center
Summary Apollo Portal versions before 2.5.0 do not verify application and namespace permissions when an authenticated user requests a release by ID through GET /envs/env/releases/releaseId. When configView.memberOnly.envs is enabled for the requested environment, a low-privileged Portal user can...
GeoNode: Stored XSS to full account takeover
An issue exists within GEONODE where the current rich text editor is vulnerable to Stored XSS. The applications cookies are set securely, but it is possible to retrieve a victims CSRF token and issue a request to change another user's email address to perform a full account takeover. Due to the...
TSDProxy: Internal proxy auth token forwarded to backend services enables management API escalation
Description A vulnerability was discovered in TSDProxy where it forwards its internal per-process authentication token to all proxied backend services. When identityHeaders is enabled the default, tsdproxy injects x-tsdproxy-auth-token into every upstream HTTP request alongside user identity...
melange: Incomplete package integrity verification allows data section substitution
Previously, Apko verified the control section hash .PKGINFO etc. against the signed APKINDEX, but never verified the data section hash the actual package files that get installed. An attacker who could compromise a mirror, poison a cache, or MITM a package fetch could substitute arbitrary file...
Excon does not redact additional sensitive/risky headers when following redirects
Impact The redirect follower middleware previously failed to strip a number of headers that are known to be sensitive and did not provide a way to provide a custom list of headers to strip. What kind of vulnerability is it? Who is impacted? This could cause inadvertent leakage of sensitive data f...
Clauster: Non-loopback deployments can serve the dashboard unauthenticated when auth.enabled is unset
Summary A Clauster instance bound to a non-loopback address e.g. 0.0.0.0 or a LAN IP can serve the entire dashboard and its API without any authentication — even when the operator has configured a password — if auth.enabled is left at its default false. The operator believes the instance is...
Secure Headers: CSP directive injection via sandbox, plugin_types, and report_to when given untrusted input
Summary secureheaders builds the Content-Security-Policy value by stitching every configured directive together with ; separators. Three directive builders buildsandboxlistdirective, buildmediatypelistdirective, buildreporttodirective interpolate caller-supplied strings into that value without...
SiYuan: Stored XSS to RCE via Unsanitized Attribute View Asset Cell Content
SiYuan v3.6.5 and earlier versions contain a stored cross-site scripting XSS vulnerability in the Attribute View database asset cell renderer that escalates to remote code execution RCE in the Electron desktop client. This is a neighbor-bug of CVE-2026-44588: the fix for -44588 used escapeAriaLab...
prestashop/ps_facetedsearch: PHP Object Injection in faceted search cache allows unauthenticated RCE
Impact A PHP Object Injection vulnerability affects the PrestaShop module psfacetedsearch. The module rebuilds the selected search filters from the request URL. The value of a slider filter price or weight is taken from the URL without sufficient validation, then stored in an internal filter-bloc...
SiYuan: Stored XSS to RCE via attribute-view cell rendering in genAVValueHTML()
Summary The attribute-view database cell renderer genAVValueHTML interpolates cell content raw in four of its branches: text, url, phone, and mAsset. A cell value like or " breaks out of its surrounding tag and runs arbitrary JavaScript in the renderer when the victim opens the block-attribute...
mcp-atlassian: Arbitrary file read via missing path validation in confluence_upload_attachment
Summary confluenceuploadattachment passes filepath directly to openfilepath, "rb" with no path validation. Any authenticated MCP client — or an AI agent manipulated via prompt injection — can read any file the server process can access and exfiltrate it to Confluence as an attachment. Details Roo...
mcp-atlassian: Arbitrary server-side file read via attachment upload
Summary A client that can invoke MCP tools can read arbitrary files from the server host and exfiltrate them as Atlassian attachments. The attachment-upload tools take a client-supplied filepath and open it on the server's filesystem. The upload tools are meant to attach a file from the caller's...
SafeInstall agent guard shell parsing can miss raw package execution
Summary SafeInstall CLI through 0.10.1 can fail to recognize some package-manager and registry-runner commands in its agent guard. Case-variant launcher names, leading file-descriptor redirections, and supported shell wrappers with options can cause a raw install command to receive no guard...
NotrinosERP: Authenticated arbitrary file upload leads to remote code execution via HRM employee "Documents" (doc_file)
Summary An authenticated user with the HR "Manage Employees" permission SAEMPLOYEE can upload a file with an arbitrary extension through the employee Documents tab. The handler writes the raw client-supplied filename — extension intact — into a web served directory with no extension, MIME, or...
BabelDOC: Arbitrary Code Execution via CMap Pickle Deserialization in babeldoc/pdfminer/cmapdb.py
Arbitrary Code Execution via CMap Pickle Deserialization in babeldoc/pdfminer/cmapdb.py Summary BabelDOC's vendored PDF parser babeldoc/pdfminer/cmapdb.py deserializes untrusted pickle data when loading CMap files. The loaddata method strips only NUL bytes from a PDF-controlled CMap name, then...
File Browser: Command Injection via Authentication Hook Shell Substitution (Pre-Authentication RCE)
Overview The Hook Authentication feature in File Browser allows administrators to delegate login verification to an external shell command. User-supplied credentials username and password are interpolated into this command string using os.Expand without sanitization. An unauthenticated remote...
`exploration` was removed from crates.io for malicious code
A method within the exploration crate attempted to download and execute a payload from a remote site. The malicious crate had 1 version published on 2026-06-02, approximately 1 hour before removal, and had no evidence of actual usage. This crate had no dependencies on crates.io. Rustsec to Kirill...
Windmill: Resource-scoped API tokens can read script contents outside their allowed path via scripts/list_search
Summary A resource-scoped API token can read script contents outside its allowed path scope via GET /api/w/workspace/scripts/listsearch. This appears to be a remaining variant of the scoped-token authorization class previously addressed for other endpoints. The route-level scope middleware...
SiYuan: Stored XSS in Bazaar marketplace via package README event handlers
Summary renderPackageREADME in kernel/bazaar/readme.go renders a Bazaar package README from Markdown to HTML with the lute engine and SetSanitizetrue. The lute sanitizer is an event-handler blocklist: allowAttr rejects only attribute names present in a fixed eventAttrs map copied from the w3schoo...
File Browser: Authentication Bypass via Proxy Auth Header Forgery
Summary When FileBrowser is configured with proxy authentication auth.method=proxy, any unauthenticated attacker who can reach the server directly can impersonate any user - including admin - by sending a single forged HTTP header. No credentials are required. Additionally, specifying a...
SiYuan: Unauthenticated Admin API Access via Blanket chrome-extension:// Origin Allowlist
Summary SiYuan Note's kernel HTTP server unconditionally trusts all chrome-extension:// origins, granting RoleAdministrator access to every installed browser extension without any authentication. Combined with the default empty AccessAuthCode on desktop installs, any Chrome/Chromium extension --...
SiYuan: Unauthenticated SQLite Data Exfiltration via Template Injection in /api/icon/getDynamicIcon
Summary The /api/icon/getDynamicIcon endpoint is explicitly excluded from authentication in SiYuan's kernel router router.go, "不需要鉴权" -- no auth needed. When called with type=8 and a valid block id parameter, this endpoint invokes RenderDynamicIconContentTemplate, which executes a Go template tha...
CredSweeper: Recursive archive size-limit bypass in deep scanner allows crafted compressed inputs to exhaust resources
Summary CredSweeper's deep scanner does not enforce recursivelimitsize as a hard limit. Several recursive scanners fully decompress or fully read attacker-controlled content before the remaining budget is validated, and AbstractScanner.recursivescan continues processing even when the residual...
Excelize: Unbounded Row Index Allocation in Worksheet Parser (checkSheet OOM/Panic DoS)
Unbounded Row Index Allocation in Worksheet Parser checkSheet OOM/Panic DoS Summary The checkSheet function in github.com/xuri/excelize/v2 uses an attacker-controlled XML attribute value directly as the length argument to makexlsxRow, row without validating it against the Excel row limit TotalRow...
Authorizer: Unvalidated redirect_uri in /authorize leaks OAuth2 tokens to attacker-controlled URL
Summary The /authorize endpoint accepts any redirecturi without validating it against AllowedOrigins. When responsetype=token or responsetype=idtoken, the server appends accesstoken, idtoken, and refreshtoken as query parameters and issues a 302 redirect to the attacker-supplied URL. An...
SiYuan: Stored XSS to RCE via CSS-snippet <style> breakout in renderSnippet()
Summary A CSS snippet body containing breaks out of its surrounding tag when renderSnippet interpolates it via insertAdjacentHTML. A payload like runs arbitrary JavaScript in the renderer. On Electron desktop builds the renderer runs with nodeIntegration:true, so require'childprocess' is reachabl...
SiYuan: Path Traversal via Double URL Encoding in /assets/*path (publish mode arbitrary file─read), Incomplete fix of CVE-2026-41894
Summary The patch for CVE-2026-41894 "Path Traversal via Double URL Encoding" sanitized the /export/ route but the identical root cause remains in the /assets/path route. In publish mode anonymous read-only HTTP endpoint, default port 6808, an unauthenticated remote attacker can read arbitrary...
MCP Atlassian: DNS-rebinding TOCTOU bypass of the SSRF fix (CVE-2026-27826)
Summary GHSA-7r34-79r5-rcc9's fix added validateurlforssrf, which resolves the attacker-controlled X-Atlassian-Jira,Confluence-Url header host once at middleware time and trusts the result. But the outbound request is later built with the raw hostname and re-resolves at connect time with no IP...
tarteaucitron: data-cookie attribute can be used to delete arbitrary cookies
Summary tarteaucitron provides a list of cookies and buttons to delete them. If an attacker can write HTML with data attributes, they could create an element that silently deletes a cookie when clicked and trick a user to delete this cookie. Details tarteaucitron.cookie.purge is called on any...