π¨ CVE-2025-23608
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Omar Mohamed Mohamoud LIVE TV allows Reflected XSS.This issue affects LIVE TV: from n/a through 1.2.
π@cveNotify
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Omar Mohamed Mohamoud LIVE TV allows Reflected XSS.This issue affects LIVE TV: from n/a through 1.2.
π@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress LIVE TV Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2025-49337
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in janhenckens Dashboard Beacon allows Stored XSS.This issue affects Dashboard Beacon: from n/a through 1.2.0.
π@cveNotify
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in janhenckens Dashboard Beacon allows Stored XSS.This issue affects Dashboard Beacon: from n/a through 1.2.0.
π@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Dashboard Beacon Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2025-49355
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ikaes Accessibility Press allows Stored XSS.This issue affects Accessibility Press: from n/a through 1.0.2.
π@cveNotify
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ikaes Accessibility Press allows Stored XSS.This issue affects Accessibility Press: from n/a through 1.0.2.
π@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Accessibility Press Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2025-59135
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eLEOPARD Behance Portfolio Manager allows Stored XSS.This issue affects Behance Portfolio Manager: from n/a through 1.7.5.
π@cveNotify
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eLEOPARD Behance Portfolio Manager allows Stored XSS.This issue affects Behance Portfolio Manager: from n/a through 1.7.5.
π@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Behance Portfolio Manager Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2025-60541
A Server-Side Request Forgery (SSRF) in the /api/proxy/ component of linshenkx prompt-optimizer v1.3.0 to v1.4.2 allows attackers to scan internal resources via a crafted request.
π@cveNotify
A Server-Side Request Forgery (SSRF) in the /api/proxy/ component of linshenkx prompt-optimizer v1.3.0 to v1.4.2 allows attackers to scan internal resources via a crafted request.
π@cveNotify
GitHub
GitHub - linshenkx/prompt-optimizer: δΈζ¬Ύζη€Ίθ―δΌεε¨οΌε©εδΊηΌει«θ΄¨ιηζη€Ίθ―
δΈζ¬Ύζη€Ίθ―δΌεε¨οΌε©εδΊηΌει«θ΄¨ιηζη€Ίθ―. Contribute to linshenkx/prompt-optimizer development by creating an account on GitHub.
π¨ CVE-2025-64329
containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. To workaround this vulnerability, users can set up an admission controller to control accesses to pods/attach resources.
π@cveNotify
containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. To workaround this vulnerability, users can set up an admission controller to control accesses to pods/attach resources.
π@cveNotify
GitHub
Merge commit from fork Β· containerd/containerd@083b53c
[Carry #1] fix goroutine leak of container Attach
π¨ CVE-2025-64338
ClipBucket v5 is an open source video sharing platform. In versions 5.5.2 - #156 and below, an authenticated regular user can create a photo collection whose Collection Name contains HTML/JavaScript payloads, which making ClipBucketβs Manage Photos feature vulnerable to Stored XSS. The payload is rendered unsafely in the Admin β Manage Photos interface, causing it to execute in the administratorβs browser, therefore allowing an attacker to target administrators and perform actions with elevated privileges. This issue is fixed in version 5.5.2 - #157.
π@cveNotify
ClipBucket v5 is an open source video sharing platform. In versions 5.5.2 - #156 and below, an authenticated regular user can create a photo collection whose Collection Name contains HTML/JavaScript payloads, which making ClipBucketβs Manage Photos feature vulnerable to Stored XSS. The payload is rendered unsafely in the Admin β Manage Photos interface, causing it to execute in the administratorβs browser, therefore allowing an attacker to target administrators and perform actions with elevated privileges. This issue is fixed in version 5.5.2 - #157.
π@cveNotify
GitHub
Back office : Fix possible XSS injection Β· MacWarrior/clipbucket-v5@8e3cf79
Front office : Fix possible XSS injection (Thanks @Takumi142857 !),Fix photo edition from upload form
Miscellaneous : Cleanup code
Miscellaneous : Cleanup code
π¨ CVE-2025-60876
BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0 control bytes in the HTTP request-target (path/query), allowing the request line to be split and attacker-controlled headers to be injected. To preserve the HTTP/1.1 request-line shape METHOD SP request-target SP HTTP/1.1, a raw space (0x20) in the request-target must also be rejected (clients should use %20).
π@cveNotify
BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0 control bytes in the HTTP request-target (path/query), allowing the request line to be split and attacker-controlled headers to be injected. To preserve the HTTP/1.1 request-line shape METHOD SP request-target SP HTTP/1.1, a raw space (0x20) in the request-target must also be rejected (clients should use %20).
π@cveNotify
Gist
CVE-2025-60876 writeup
CVE-2025-60876 writeup. GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2025-62780
changedetection.io is a free open source web page change detection tool. A Stored Cross Site Scripting is present in changedetection.io Watch update API in versions prior to 0.50.34 due to insufficient security checks. Two scenarios are possible. In the first, an attacker can insert a new watch with an arbitrary URL which really points to a web page. Once the HTML content is retrieved, the attacker updates the URL with a JavaScript payload. In the second, an attacker substitutes the URL in an existing watch with a new URL that is in reality a JavaScript payload. When the user clicks on *Preview* and then on the malicious link, the JavaScript malicious code is executed. Version 0.50.34 fixes the issue.
π@cveNotify
changedetection.io is a free open source web page change detection tool. A Stored Cross Site Scripting is present in changedetection.io Watch update API in versions prior to 0.50.34 due to insufficient security checks. Two scenarios are possible. In the first, an attacker can insert a new watch with an arbitrary URL which really points to a web page. Once the HTML content is retrieved, the attacker updates the URL with a JavaScript payload. In the second, an attacker substitutes the URL in an existing watch with a new URL that is in reality a JavaScript payload. When the user clicks on *Preview* and then on the malicious link, the JavaScript malicious code is executed. Version 0.50.34 fixes the issue.
π@cveNotify
GitHub
Stored XSS in Watch update via API
### Summary
A Stored Cross Site Scripting is present in changedetection.io Watch update API due to unsufficient security checks.
### Details
Tested on changedetection.io version *v0.50.24*...
A Stored Cross Site Scripting is present in changedetection.io Watch update API due to unsufficient security checks.
### Details
Tested on changedetection.io version *v0.50.24*...
π¨ CVE-2024-58280
CMSimple 5.15 contains a remote command execution vulnerability that allows authenticated attackers to modify file extensions and upload malicious PHP files. Attackers can append ',php' to Extensions_userfiles and upload a shell script to the media directory to execute arbitrary code on the server.
π@cveNotify
CMSimple 5.15 contains a remote command execution vulnerability that allows authenticated attackers to modify file extensions and upload malicious PHP files. Attackers can append ',php' to Extensions_userfiles and upload a shell script to the media directory to execute arbitrary code on the server.
π@cveNotify
www.cmsimple.org
CMSimple - Open Source CMS ohne Datenbank - CMSimple
CMS ohne Datenbank - CMSimple - kostenloses Open Source CMS (Content Management System). Das Original. FΓΌr dieses Content Management System wird keine Datenbank benΓΆtigt.
π¨ CVE-2025-67653
Advantech WebAccess/SCADA is vulnerable to directory traversal, which may allow an attacker to determine the existence of arbitrary files.
π@cveNotify
Advantech WebAccess/SCADA is vulnerable to directory traversal, which may allow an attacker to determine the existence of arbitrary files.
π@cveNotify
GitHub
CSAF/csaf_files/OT/white/2025/icsa-25-352-06.json at develop Β· cisagov/CSAF
CISA CSAF Security Advisories. Contribute to cisagov/CSAF development by creating an account on GitHub.
π¨ CVE-2025-14992
A security vulnerability has been detected in Tenda AC18 15.03.05.05. The impacted element is the function strcpy of the file /goform/GetParentControlInfo of the component HTTP Request Handler. The manipulation of the argument mac leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
π@cveNotify
A security vulnerability has been detected in Tenda AC18 15.03.05.05. The impacted element is the function strcpy of the file /goform/GetParentControlInfo of the component HTTP Request Handler. The manipulation of the argument mac leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
π@cveNotify
GitHub
BinaryAudit/PoC/BOF/Tenda_AC18/GetParentControlInfo/GetParentControlInfo.md at main Β· z472421519/BinaryAudit
Contribute to z472421519/BinaryAudit development by creating an account on GitHub.
π¨ CVE-2025-66210
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.451, an authenticated command injection vulnerability in the Database Import functionality allows users with application/service management permissions to execute arbitrary commands as root on managed servers. Database names used in import operations are passed directly to shell commands without sanitization, enabling full remote code execution. Version 4.0.0-beta.451 fixes the issue.
π@cveNotify
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.451, an authenticated command injection vulnerability in the Database Import functionality allows users with application/service management permissions to execute arbitrary commands as root on managed servers. Database names used in import operations are passed directly to shell commands without sanitization, enabling full remote code execution. Version 4.0.0-beta.451 fixes the issue.
π@cveNotify
GitHub
GitHub - 0xrakan/coolify-cve-2025-66209-66213: Public security advisory for CVE-2025-66209, CVE-2025-66210, CVE-2025-66211, CVEβ¦
Public security advisory for CVE-2025-66209, CVE-2025-66210, CVE-2025-66211, CVE-2025-66212, and CVE-2025-66213 - 0xrakan/coolify-cve-2025-66209-66213
π¨ CVE-2025-66211
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.451, an authenticated command injection vulnerability in PostgreSQL Init Script Filename handling allows users with application/service management permissions to execute arbitrary commands as root on managed servers. PostgreSQL initialization script filenames are passed to shell commands without proper validation, enabling full remote code execution. Version 4.0.0-beta.451 fixes the issue.
π@cveNotify
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.451, an authenticated command injection vulnerability in PostgreSQL Init Script Filename handling allows users with application/service management permissions to execute arbitrary commands as root on managed servers. PostgreSQL initialization script filenames are passed to shell commands without proper validation, enabling full remote code execution. Version 4.0.0-beta.451 fixes the issue.
π@cveNotify
GitHub
GitHub - 0xrakan/coolify-cve-2025-66209-66213: Public security advisory for CVE-2025-66209, CVE-2025-66210, CVE-2025-66211, CVEβ¦
Public security advisory for CVE-2025-66209, CVE-2025-66210, CVE-2025-66211, CVE-2025-66212, and CVE-2025-66213 - 0xrakan/coolify-cve-2025-66209-66213
π¨ CVE-2025-66212
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.451, an authenticated command injection vulnerability in the Dynamic Proxy Configuration Filename handling allows users with application/service management permissions to execute arbitrary commands as root on managed servers. Proxy configuration filenames are passed to shell commands without proper escaping, enabling full remote code execution. Version 4.0.0-beta.451 fixes the issue.
π@cveNotify
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.451, an authenticated command injection vulnerability in the Dynamic Proxy Configuration Filename handling allows users with application/service management permissions to execute arbitrary commands as root on managed servers. Proxy configuration filenames are passed to shell commands without proper escaping, enabling full remote code execution. Version 4.0.0-beta.451 fixes the issue.
π@cveNotify
GitHub
GitHub - 0xrakan/coolify-cve-2025-66209-66213: Public security advisory for CVE-2025-66209, CVE-2025-66210, CVE-2025-66211, CVEβ¦
Public security advisory for CVE-2025-66209, CVE-2025-66210, CVE-2025-66211, CVE-2025-66212, and CVE-2025-66213 - 0xrakan/coolify-cve-2025-66209-66213
π¨ CVE-2025-66213
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.451, an authenticated command injection vulnerability in the File Storage Directory Mount Path functionality allows users with application/service management permissions to execute arbitrary commands as root on managed servers. The file_storage_directory_source parameter is passed directly to shell commands without proper sanitization, enabling full remote code execution on the host system. Version 4.0.0-beta.451 fixes the issue.
π@cveNotify
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.451, an authenticated command injection vulnerability in the File Storage Directory Mount Path functionality allows users with application/service management permissions to execute arbitrary commands as root on managed servers. The file_storage_directory_source parameter is passed directly to shell commands without proper sanitization, enabling full remote code execution on the host system. Version 4.0.0-beta.451 fixes the issue.
π@cveNotify
GitHub
GitHub - 0xrakan/coolify-cve-2025-66209-66213: Public security advisory for CVE-2025-66209, CVE-2025-66210, CVE-2025-66211, CVEβ¦
Public security advisory for CVE-2025-66209, CVE-2025-66210, CVE-2025-66211, CVE-2025-66212, and CVE-2025-66213 - 0xrakan/coolify-cve-2025-66209-66213
π¨ CVE-2019-16790
In Tiny File Manager before 2.3.9, there is a remote code execution via Upload from URL and Edit/Rename files. Only authenticated users are impacted.
π@cveNotify
In Tiny File Manager before 2.3.9, there is a remote code execution via Upload from URL and Edit/Rename files. Only authenticated users are impacted.
π@cveNotify
GitHub
Merge pull request from GHSA-w72h-v37j-rrwr Β· prasathmani/tinyfilemanager@9a49973
* Fix the RCE vuln via Upload from URL
This commit attemps to fix the Remote Code Execution
(authenticated) via Upload from URL. Some notes about
the proposed solution:
* A new function (fm_is_fi...
This commit attemps to fix the Remote Code Execution
(authenticated) via Upload from URL. Some notes about
the proposed solution:
* A new function (fm_is_fi...
π¨ CVE-2020-12102
In Tiny File Manager 2.4.1, there is a Path Traversal vulnerability in the ajax recursive directory listing functionality. This allows authenticated users to enumerate directories and files on the filesystem (outside of the application scope).
π@cveNotify
In Tiny File Manager 2.4.1, there is a Path Traversal vulnerability in the ajax recursive directory listing functionality. This allows authenticated users to enumerate directories and files on the filesystem (outside of the application scope).
π@cveNotify
π¨ CVE-2020-12103
In Tiny File Manager 2.4.1 there is a vulnerability in the ajax file backup copy functionality which allows authenticated users to create backup copies of files (with .bak extension) outside the scope in the same directory in which they are stored.
π@cveNotify
In Tiny File Manager 2.4.1 there is a vulnerability in the ajax file backup copy functionality which allows authenticated users to create backup copies of files (with .bak extension) outside the scope in the same directory in which they are stored.
π@cveNotify
π¨ CVE-2021-40964
A Path Traversal vulnerability exists in TinyFileManager all version up to and including 2.4.6 that allows attackers to upload a file (with Admin credentials or with the CSRF vulnerability) with the "fullpath" parameter containing path traversal strings (../ and ..\) in order to escape the server's intended working directory and write malicious files onto any directory on the computer.
π@cveNotify
A Path Traversal vulnerability exists in TinyFileManager all version up to and including 2.4.6 that allows attackers to upload a file (with Admin credentials or with the CSRF vulnerability) with the "fullpath" parameter containing path traversal strings (../ and ..\) in order to escape the server's intended working directory and write malicious files onto any directory on the computer.
π@cveNotify
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π¨ CVE-2021-40965
A Cross-Site Request Forgery (CSRF) vulnerability exists in TinyFileManager all version up to and including 2.4.6 that allows attackers to upload files and run OS commands by inducing the Administrator user to browse a URL controlled by an attacker.
π@cveNotify
A Cross-Site Request Forgery (CSRF) vulnerability exists in TinyFileManager all version up to and including 2.4.6 that allows attackers to upload files and run OS commands by inducing the Administrator user to browse a URL controlled by an attacker.
π@cveNotify
Gist
TinyFileManager Vulnerabilities
GitHub Gist: instantly share code, notes, and snippets.