Browse and filter security vulnerabilities across ecosystems
CVE-2026-40488
OpenMage LTS: Customer File Upload Extension Blocklist Bypass → Remote Code Execution
CVE-2026-29179
October CMS: Editor Sub-Permission Bypass for Asset and Blueprint File Operations
CVE-2026-27937
October CMS: Reflected XSS via DataTable Form Widget
CVE-2026-26274
October CMS has Safe Mode Bypass via Twig Database Write Operations
CVE-2026-26067
October CMS has Safe Mode Bypass via CSS Preprocessor Compilers
CVE-2026-40098
OpenMage LTS: Cross-user wishlist import leads to private option & file disclosure
CVE-2026-25525
OpenMage LTS has a Path Traversal Filter Bypass in Dataflow Module
CVE-2026-25524
OpenMage LTS: Phar Deserialization leads to Remote Code Execution
YesWiki vulnerable to authenticated SQL Injection via id_fiche in EntryManager::formatDataBeforeSave()
PHPUnit has Argument injection via newline in PHP INI values that are forwarded to child processes
elFinder: Command injection in resize background color parameter when using ImageMagick CLI
Kimai: Username enumeration via timing on X-AUTH-USER
CVE-2026-23500
Dolibarr: OS Command Injection (RCE) via MAIN_ODT_AS_PDF configuration
CVE-2026-31317
Craftql vulnerable to Server-Side Request Forgery
CVE-2026-40308
Unauthenticated Information Disclosure (IDOR) via Multisite switch_to_blog in My Calendar
Statamic: Unsafe method invocation via query value resolution allows data destruction
WWBN AVideo: RCE caused by clonesite plugin
CVE-2026-24749
Silverstripe Assets Module has a DBFile::getURL() permission bypass
CVE-2026-31843
goodoneuz/pay-uz: the /payment/api/editable/update endpoint overwrites existing PHP payment hook files
Froxlor has Local File Inclusion via path traversal in API `def_language` parameter leads to Remote Code Execution