33312 matches found
FacturaScripts: Path traversal in UploadedFile::move() via getClientOriginalName() — arbitrary file write outside MyFiles/ leading to RCE
Summary FacturaScripts\Core\UploadedFile::move$destiny, $destinyName concatenates $destiny and $destinyName without normalizing the resulting path. Every caller in the codebase passes UploadedFile::getClientOriginalName — the unsanitized client-supplied filename — as $destinyName, so an...
NetLicensing-MCP: Unauthenticated Use of Server-Side NetLicensing API Key in HTTP Mode
Unauthenticated Use of Server-Side NetLicensing API Key in HTTP Mode Summary When netlicensing-mcp is run in HTTP transport mode, the ApiKeyMiddleware fails to enforce authentication: requests that carry no client API key are unconditionally forwarded to the next handler server.py:1427. The...
Woodpecker: Privilege escalation via unrestricted serviceAccountName in the Kubernetes backend
Impact A privilege escalation vulnerability affects Woodpecker instances using the Kubernetes backend. The pipeline option backendoptions.kubernetes.serviceAccountName was passed directly to the pod spec without any admin gating. Who is impacted: any operator running the Kubernetes backend. Any...
Nebula-mesh allows non-admin operators to disable webhook SSRF protection via `allow_private`
Summary Non-admin operators role user can set allowprivate: true on their own managed webhook subscription POST/PATCH /api/v1/webhook-subscriptions. No admin check exists on this field. At delivery time, allowprivate switches the dispatcher to an unguarded HTTP client, bypassing the...
nebula-mesh: Certificate revocation is never enforced at the mesh
Summary nebula-mesh revokes a host by adding its certificate fingerprint to a per-CA blocklist and shipping that list to every other agent on each poll. Slack's Nebula enforces certificate revocation ONLY through the pki.blocklist list in config.yml no CRL/OCSP. The project's own code states this...
n8n-MCP: Incorrect authorization can expose default-scope workflow version backups in multi-tenant HTTP mode
Summary In multi-tenant HTTP mode ENABLEMULTITENANT=true, an authenticated tenant could, under certain conditions, reach n8n-mcp's local default-scope workflowversions backups instead of being confined to its own tenant scope. This affects n8n-mcp's own local workflow-version storage, not a norma...
nebula-mesh: Web UI host creation ignores configured enrollment token TTL and mints 24-hour bearer enrollment tokens
Summary The nebula-mgmt Web UI host-creation path ignores both the server-wide enrollmenttokenttl security setting and per-network networkconfig.enrollmenttokenttl overrides. API host creation and token-regeneration paths use the configured TTL resolver, but POST /ui/hosts hardcodes now.Add24...
nebula-mesh: Unauthenticated OIDC login endpoint allocates unbounded in-memory state entries without rate limiting
Summary When OIDC is enabled, GET /ui/oidc/login is reachable without authentication and is registered outside the Web UI rate-limited auth routes. Every request creates a fresh random OIDC state value and stores it in an in-memory map for 10m. Expired states are swept lazily, but there is no rat...
Anyquery: Local File Read (LFR) via Unrestricted SQLite Virtual Table Modules in Server Mode
Summary Anyquery's server mode lacks input sanitization and access control over its built-in SQLite virtual table modules e.g., csvreader, logreader. Unauthenticated attackers connecting to the MySQL-compatible server port can create virtual tables pointing to local files on the system e.g.,...
nebula-mesh: Operator session tokens stored in plaintext in the database
Impact Operator session tokens are stored in plaintext in the operatorsessions table the token column is the PRIMARY KEY. The session token is a 32-byte random hex value sent directly in a cookie and valid for 24 hours. - internal/models/operator.go:61 — OperatorSession.Token holds the plaintext...
Netty: Denial of Service via Unbounded Headers in StompSubframeDecoder
Summary The StompSubframeDecoder fails to limit the total number of headers or their cumulative size per frame, allowing an attacker to cause an OutOfMemoryError, leading to a Denial of Service. Details io.netty.handler.codec.stomp.StompSubframeDecoder implements the STOMP protocol. The...
nebula-mesh: CA private key not zeroized on web mobile-bundle error paths
Impact The web handler renderMobileBundle internal/web/handlers.go:1325 passes the real pki.CAResolver directly into mobilebundle.Build. Inside Build internal/mobilebundle/builder.go:54, resolver.LoadByID decrypts the CA's ed25519 private key into a pki.CAManager, but Build never calls...
Anyquery: Server-Side Request Forgery (SSRF) via Unrestricted SQLite Virtual Table Modules in Server Mode
Summary Anyquery's server mode does not restrict outbound HTTP requests initiated by its built-in SQLite virtual table modules e.g., jsonreader, logreader. Unauthenticated attackers connecting to the MySQL-compatible server port can create virtual tables pointing to internal network endpoints or...
Umbraco.AI discloses sensitive application configuration values
Impact Under certain configurations, a user with elevated privileges may be able to cause sensitive application configuration values, potentially including secret material such as credentials, to be disclosed. Successful exploitation could expose confidential information and, depending on what th...
Ech0: ParseAcceptLanguage `_` separator bypass enables ~70x CPU amplification via Accept-Language header in i18n.Middleware
Summary Ech0's i18n middleware runs on every HTTP request and constructs a fresh goi18n.Localizer from the raw Accept-Language header without imposing any size or shape filter. goi18n.NewLocalizer calls golang.org/x/text/language.ParseAcceptLanguage on the value internally. The underlying parser...
TidGi Desktop Remote Code Execution via Malicious TiddlyWiki Repository Import — Tiddler Startup Module Auto-Execution
Description TidGi Desktop through 0.13.0 contains a critical remote code execution vulnerability exploitable via a single Git repository import. The vulnerability leverages TiddlyWiki's module system, which automatically discovers and executes JavaScript code embedded in .tid files placed in the...
Trivy: Helm chart tar bomb causes OOM via unbounded io.ReadAll in parser
Summary When Trivy scans a Helm chart archive .tgz, its custom tar unpacker reads each entry with io.ReadAlltr and no size limit. An attacker who can place a malicious .tgz file in the scanned path can craft a small compressed archive that decompresses to gigabytes, causing the Trivy process to b...
EasyAdmin: Stored Cross-Site Scripting (XSS) via uploaded files served inline in FileField and ImageField
EasyAdmin's FileField and ImageField accept browser-executable file types by default FileField applies no MIME/extension restrictions; ImageField's default Image constraint accepts SVG. When the upload directory is configured inside the public web root — as shown in the documentation — EasyAdmin...
TsDProxy: X-Forwarded-For header injection allows IP spoofing in proxied requests to backend services
Description The HTTP reverse proxy handler in tsdproxy does not strip the X-Forwarded-For or X-Real-IP header from incoming requests before calling r.SetXForwarded. This allows an authenticated Tailscale user to inject arbitrary X-Forwarded-For values that are forwarded verbatim to backend...
Prototype pollution in @feathersjs/commons _.merge via JSON-parsed __proto__
Impact The .mergetarget, source utility exported by @feathersjs/commons recursively merges source into target by iterating Object.keyssource. When source was produced by JSON.parse and contains a proto or constructor / prototype key, that key is returned as an own-enumerable property. The recursi...
yutu: Arbitrary File Write via MCP `caption-download` Tool
Arbitrary File Write via MCP caption-download Tool Summary The caption-download MCP tool in yutu passes the caller-supplied file parameter directly to os.Create at pkg/caption/caption.go:272 without any path validation, canonicalization, or confinement to the pkg.Root boundary YUTUROOT. A local...
Auth0 Symfony SDK Accepted Bearer Tokens via URL Query Parameter
Description Applications built with the Auth0 Symphony SDK, using the Authorizer security authenticator to protect HTTP routes may accept OAuth 2.0 bearer access tokens provided through a URL query parameter, in addition to the standard Authorization header, which may increase the risk of access...
n8n-MCP: Cross-tenant access to workflow version backups in multi-tenant HTTP deployments
Impact In multi-tenant HTTP deployments — where a single n8n-mcp server serves several tenants — the locally stored workflow version history the automatic backups taken before workflow updates was not isolated per tenant. An authenticated tenant could read workflow version snapshots belonging to...
Woodpecker gRPC agent_id metadata can be spoofed- cross-tenant agent impersonation
Impact A vulnerability in Woodpecker CI's gRPC layer allowed any authenticated agent to impersonate any other agent on the same server by injecting a forged agentid value into outgoing gRPC metadata. The server correctly verified the JWT token but then discarded the verified agent identity in fav...
Anyquery: Arbitrary File Write (AFW) which could lead to Remote Code Execution (RCE) via Unrestricted ATTACH DATABASE in Server Mode
Summary Anyquery's server mode does not disable or restrict native SQLite disk manipulation commands. Unauthenticated attackers connecting to the MySQL-compatible server port can use the ATTACH DATABASE command to write arbitrary SQLite databases to any path on the victim's filesystem where the...
Fedify has an incomplete SSRF mitigation after GHSA-p9cg-vqcc-grcx: validatePublicUrl allows special-use IPv4 ranges
Summary Fedify previously addressed SSRF/internal network access in GHSA-p9cg-vqcc-grcx by adding public URL validation before runtime document and media fetching. However, the current IPv4 validation logic appears incomplete. The validatePublicUrl protection relies on isValidPublicIPv4Address to...
MKP: Unbounded Pod Log Read via Attacker-Controlled `limitBytes`/`tailLines` Causes Memory Exhaustion
Unbounded Pod Log Read via Attacker-Controlled limitBytes/tailLines Causes Memory Exhaustion Summary The MKP Model Context Protocol for Kubernetes server exposes a getresource MCP tool that proxies Kubernetes pod log requests. User-supplied limitBytes and tailLines parameters are parsed as...
Hoverfly: Denial of Service via Goroutine Leak in Remote Post-Serve Actions
Summary: Remote post-serve actions use http.DefaultClient without any timeout configuration. When the remote endpoint is unreachable or intentionally slow accepts TCP connection but never responds, each triggered proxy request spawns a goroutine that blocks indefinitely on http.DefaultClient.Do. ...
Hoverfly: Process Crash via Concurrent Map Write Race Condition in Diff Mode
Summary: When Hoverfly is running in Diff mode, the AddDiff function writes to the shared responsesDiff map without any synchronization no mutex. When multiple proxy requests are processed concurrently the normal case for any proxy, the concurrent map writes trigger Go's built-in race detector...
K3s: ZIP Archive Path Traversal Vulnerability in etcd Snapshot Decompression
Summary A path traversal vulnerability exists in K3s's etcd snapshot decompression functionality. Zip files containing archive members with maliciously crafted names e.g., ../../../../etc/password can be written to arbitrary locations on the filesystem when an administrator restores the archive a...
Wasmtime: Memory leak in C API with `externref` and `anyref` types
Impact Wasmtime 37.0.0 and 37.0.1 have memory leaks in the C/C++ API when using bindings for the anyref or externref WebAssembly values. This is caused by a regression introduced during the development of 37.0.0 and all prior versions of Wasmtime are unaffected. If anyref or externref is not used...
FacturaScripts: Stored XSS in WidgetVariante and WidgetSubcuenta modal lists via HTML-attribute decoding of `Tools::noHtml`-escaped quotes inside `onclick=`
Summary WidgetVariante::renderVariantList Core/Lib/Widget/WidgetVariante.php:298-330 and WidgetSubcuenta::renderSubaccountList Core/Lib/Widget/WidgetSubcuenta.php:290-321 build the row for each modal hit by concatenating the user-controlled referencia / codsubcuenta field directly into a...
FacturaScripts: CSV formula injection in CSVExport allows authenticated low-priv users to plant payloads that execute when an admin opens the export
Summary Live PoC verified 2026-04-30 against a stock FacturaScripts master at 127.0.0.1:8081. A low-privilege user lowpriv created a customer with nombre = "=SUM1+1cmd|/c calc!A1". An admin then exported ListCliente to CSV via ?action=export&option=CSV. The downloaded file contains the raw payloa...
FacturaScripts: Unauthenticated Path Traversal in Static File Controllers Reads Private MyFiles Documents
Summary The static file controllers in FacturaScripts decide whether a request is authorized by looking at the URL string instead of the canonical filesystem path. A request that starts with an allow-listed folder name but contains a ../ segment in the middle ends up serving a file from a differe...
FacturaScripts: Authenticated SQL injection in the FacturaScripts REST API filter parameter via parenthesis bypass in `Where::sqlColumn`
Summary Live PoC verified 2026-04-30 against a stock FacturaScripts master at 127.0.0.1:8081. A scoped ApiKey with fullaccess=0 and an ApiAccess row granting allowget=1 on the clientes resource only no other rights, no UI session, no admin issued one GET /api/3/clientes?filter0UNION%20SELECT%20.....
OpenCost ServiceKey Endpoint Unauthorized Credential Overwrite/Injection
Summary OpenCost contains an unauthenticated file write vulnerability in the /serviceKey endpoint that allows remote attackers to overwrite the GCP service account key file without authentication. This can lead to service disruption, credential theft, and potential privilege escalation within...
Kimai: ExportTemplate CRUD Missing Authorization Check Allows Unauthorized TEAMLEAD Access
Summary The ExportController web routes for creating and editing export templates are gated only by the class-level createexport permission, which is granted to ROLETEAMLEAD by default. The corresponding API routes and UI button visibility correctly require the stricter createexporttemplate...
Kimai: Pre-2FA KIMAI_SESSION cookie grants full authenticated REST API access, bypassing TOTP
Summary Two-factor authentication TOTP can be fully bypassed for the REST API. The KIMAISESSION cookie returned in the response to the login request; issued after only the password is verified, before the TOTP step; is already accepted as authenticated by every /api/ endpoint. So after submitting...
Kimai: Improper Authorization in Project, Customer, and Activity Rate Edit Endpoints Allows Cross-Scope Rate Manipulation
Summary Kimai 2.56.0 contains an authenticated improper authorization vulnerability in the Web rate editing flows for projects, customers, and activities. A user who can edit one authorized parent object can combine that authorized parent ID with the rate ID of a different, unauthorized parent...
Kimai has Improper Authorization in Team Member and Team Activity Assignment APIs Which Allows Expansion of Team Scope Beyond Authorized Visibility
Summary Kimai contains an authenticated improper authorization vulnerability in Team-related assignment APIs. A Teamlead who can edit their own team can use backend API endpoints to add users or activities that fall outside their intended visible or manageable scope, even when the frontend...
Kimai: Default APP_SECRET in Docker Image Enables Cookie Forgery and Account Takeover
Summary The official Kimai Docker image ships with APPSECRET=changethistosomethingunique as the default environment variable. The Docker entrypoint does not override or validate this value. Any Kimai instance deployed using the Docker image without explicitly setting APPSECRET runs with a...
Kimai: Login CSRF in the Timesheet Stop and Restart API Endpoints Allows Unauthorized State Changes
Summary Kimai 2.56.0 contains authenticated cross-site request forgery issues in its timesheet state-changing API endpoints. The application reuses the browser's existing session for /api/ requests, and both the stop and restart operations are exposed through GET and PATCH routes that directly...
Improper Authorization in Kimai Timesheet Restart and Duplicate Allows New Timesheets After Project Access Revocation
Summary Kimai 2.56.0 contains an authenticated authorization bypass in the timesheet restart and duplicate workflows. After a user loses access to a project, the user can still derive a new timesheet from one of their historical entries and create a new record under that now-unauthorized project...
Kimai: Improper Authorization Through Activity Creation with Preset Project Allows Creation Under Unauthorized Projects
Summary Kimai 2.56.0 contains an authenticated improper authorization vulnerability in the preset-project activity creation flow. A user with the generic createactivity permission, but without access to a target project, can still create a new Activity under that unauthorized project by visiting...
Kimai: Timesheet PATCH/POST allows assigning to project outside user's team via query_builder OR-bypass
Summary The Timesheet API PATCH /api/timesheets/id and POST /api/timesheets endpoints accept a user-supplied project ID and resolve it through a Symfony EntityType whose querybuilder allows the submitted ID to satisfy the access predicate via an unconditional OR branch. As a result, any...
Kimai: Teamlead authorization bypass in GET /api/timesheets allows reading other users' timesheet records without being teamlead of the target
Summary GET /api/timesheets?user= and users= returns the targeted user's timesheet records to any caller that has the viewothertimesheet permission, without verifying that the caller is teamlead of any team containing the target user. The per-record endpoint GET /api/timesheets/id correctly...
Kimai: Login CSRF in Default Team Creation Endpoints Allows Unauthorized Team and Permission Structure Changes
Summary Kimai 2.56.0 contains authenticated cross-site request forgery issues in its default team creation shortcuts for projects, customers, and activities. These endpoints are exposed through GET routes and directly create or reuse a Team, add the current user as teamlead, and bind the target...
Apple App Store Server Python Library: SignedDataVerifier accepts stale OCSP GOOD responses and can bypass certificate revocation checks
Summary SignedDataVerifier attempts to perform online revocation checking when enableonlinechecks=True, but its OCSP validation logic accepts stale GOOD responses as valid indefinitely. In appstoreserverlibrary/signeddataverifier.py, ChainVerifier.checkocspstatus verifies the OCSP response...
json_repair: Circular JSON Schema `$ref` causes unbounded CPU DoS
Circular JSON Schema $ref causes unbounded CPU DoS in jsonrepair Summary SchemaRepairer.resolveschema in jsonrepair follows JSON Schema $ref pointers in an unbounded while loop without any cycle detection. An attacker who can supply a schema containing a self-referencing $ref e.g., via the demo...
FacturaScripts: Account takeover of any 2FA-enabled user
Authentication bypass in FacturaScripts: /login?action=two-factor-validation accepts brute-forceable TOTP without password or CSRF protection Summary Core/Controller/Login.php::twoFactorValidationAction accepts an unauthenticated POST containing only fsNick and fsTwoFactorCode. If the TOTP value...