8.7

CVSS4.0

CVE-2026-34794 - Endian Firewall /cgi-bin/logs_ids.cgi DATE Perl Command Injection

Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_ids.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open() call, which allows command injection due to an incomplete re…

📅 Published: April 2, 2026, 2:45 p.m. 🔄 Last Modified: April 8, 2026, 7:56 p.m.

8.7

CVSS4.0

CVE-2026-34793 - Endian Firewall /cgi-bin/logs_firewall.cgi DATE Perl Command Injection

Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_firewall.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open() call, which allows command injection due to an incomple…

📅 Published: April 2, 2026, 2:45 p.m. 🔄 Last Modified: April 8, 2026, 7:56 p.m.

8.7

CVSS4.0

CVE-2026-34792 - Endian Firewall /cgi-bin/logs_clamav.cgi DATE Perl Command Injection

Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_clamav.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open() call, which allows command injection due to an incomplete…

📅 Published: April 2, 2026, 2:45 p.m. 🔄 Last Modified: April 8, 2026, 7:56 p.m.

8.7

CVSS4.0

CVE-2026-34791 - Endian Firewall /cgi-bin/logs_proxy.cgi DATE Perl Command Injection

Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_proxy.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open() call, which allows command injection due to an incomplete …

📅 Published: April 2, 2026, 2:45 p.m. 🔄 Last Modified: April 8, 2026, 7:56 p.m.

7.1

CVSS4.0

CVE-2026-34790 - Endian Firewall /cgi-bin/backup.cgi remove ARCHIVE Directory Traversal

Endian Firewall version 3.3.25 and prior allow authenticated users to delete arbitrary files via directory traversal in the remove ARCHIVE parameter to /cgi-bin/backup.cgi. The remove ARCHIVE parameter value is used to construct a file path without sanitization of directory traversal sequences, whi…

📅 Published: April 2, 2026, 2:45 p.m. 🔄 Last Modified: April 8, 2026, 7:56 p.m.

5.3

CVSS4.0

CVE-2026-5344 - Textpattern XML-RPC TXP_RPCServer.php mt_uploadImage path traversal

A security vulnerability has been detected in Textpattern up to 4.9.1. Affected by this vulnerability is the function mt_uploadImage of the file rpc/TXP_RPCServer.php of the component XML-RPC Handler. The manipulation of the argument file.name leads to path traversal. Remote exploitation of the att…

📅 Published: April 2, 2026, 2:45 p.m. 🔄 Last Modified: April 3, 2026, 4:10 p.m.

8.7

CVSS3.1

CVE-2026-34728 - phpMyFAQ: Path Traversal - Arbitrary File Deletion in MediaBrowserController

phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the MediaBrowserController::index() method handles file deletion for the media browser. When the fileRemove action is triggered, the user-supplied name parameter is concatenated with the base upload directory path without any p…

📅 Published: April 2, 2026, 2:44 p.m. 🔄 Last Modified: April 8, 2026, 7:56 p.m.

5.4

CVSS4.0

CVE-2026-32629 - phpMyFAQ: Stored XSS via Unsanitized Email Field in Admin FAQ Editor

phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, an unauthenticated attacker can submit a guest FAQ with an email address that is syntactically valid per RFC 5321 (quoted local part) yet contains raw HTML, for example "<script>alert(1)</script>"@evil.com. PHP's FILTER_VALIDA…

📅 Published: April 2, 2026, 2:43 p.m. 🔄 Last Modified: April 8, 2026, 7:56 p.m.

7.5

CVSS3.1

CVE-2026-31937 - Suricata dcerpc: quadratic complexity in dcerpc buffering

Suricata is a network IDS, IPS and NSM engine. Prior to version 7.0.15, inefficiency in DCERPC buffering can lead to a performance degradation. This issue has been patched in version 7.0.15.

📅 Published: April 2, 2026, 2:38 p.m. 🔄 Last Modified: April 8, 2026, 7:56 p.m.

7.5

CVSS3.1

CVE-2026-31935 - Suricata http2: unbounded resource consumption

Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, flooding of crafted HTTP2 continuation frames can lead to memory exhaustion, usually resulting in the Suricata process being shut down by the operating system. This issue has been patched in versions 7.0.15 and 8.0.4.

📅 Published: April 2, 2026, 2:36 p.m. 🔄 Last Modified: April 8, 2026, 7:56 p.m.