|
91
|
- |
|
-
|
-
|
Concrete CMS 9.5.0 and below is vulnerable to authorization bypass in the Calendar Block since action_get_events does not check canView on the calendar which results in restricted event details being…
New
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2026-8205
|
2026-05-22 06:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
92
|
- |
|
-
|
-
|
Concrete CMS 9.5.0 and below is vulnerable to authorization Bypass in the Calendar Event Frontend Dialog which can allow cross-calendar data disclosure. A public calendar block can be used as a pivot…
New
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-8204
|
2026-05-22 06:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
93
|
- |
|
-
|
-
|
Concrete CMS 9.5.0 and below has Stored XSS on the height parameter. The controller does not validate or sanitize $height. Any user with editor privileges can inject malicious JavaScript that execute…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-8203
|
2026-05-22 06:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
94
|
- |
|
-
|
-
|
Concrete CMS 9.5.0 and below is vulnerable to Stored XSS via OAuth integration name. The OAuth authorize template renders the integration name (admin-controlled) through Concrete's t() translation he…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-8197
|
2026-05-22 06:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
95
|
- |
|
-
|
-
|
Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/install/download/<remoteId>. The download() method in concrete/controllers/single_page/dash…
New
|
CWE-352
Origin Validation Error
|
CVE-2026-8140
|
2026-05-22 06:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
96
|
- |
|
-
|
-
|
Concrete CMS 9.5.0 and below is vulnerable to Remote Code Execution due to insecure deserialization occurring in the ExpressEntryList block controller. An rogue administrator with privileges to add …
New
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-8135
|
2026-05-22 06:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
97
|
- |
|
-
|
-
|
Concrete CMS 9.5.0 and below fails to sanitize path traversal sequences in the ptComposerFormLayoutSetControlCustomTemplate field when saving page type composer form layouts. An authenticated rogue a…
New
|
CWE-23
CWE-98
CWE-434
Relative Path Traversal
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-8134
|
2026-05-22 06:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
98
|
- |
|
-
|
-
|
Concrete CMS 9.5.0 and below is vulnerable to unauthenticated file usage disclosure via missing permission check in the usage controller. Any unauthenticated visitor can request /ccm/system/dialogs…
New
|
CWE-200
Information Exposure
|
CVE-2026-6826
|
2026-05-22 06:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
99
|
8.8 |
HIGH
Network
|
-
|
-
|
LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /user/update endpoint. While the endpoint correctly restricts users to updating only their own account, it does not restri…
New
|
CWE-863
Incorrect Authorization
|
CVE-2026-47102
|
2026-05-22 06:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
100
|
8.8 |
HIGH
Network
|
-
|
-
|
LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API keys with access to routes that their role does not permit. When generating a key, the allowed_routes field is stored with…
New
|
CWE-863
Incorrect Authorization
|
CVE-2026-47101
|
2026-05-22 06:16 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
