8.7
CVE-2026-34797 - Endian Firewall /cgi-bin/logs_smtp.cgi DATE Perl Command Injection
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_smtp.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open() call, which allows command injection due to an incomplete rโฆ
8.7
CVE-2026-34796 - Endian Firewall /cgi-bin/logs_openvpn.cgi DATE Perl Command Injection
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_openvpn.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open() call, which allows command injection due to an incompletโฆ
8.7
CVE-2026-34795 - Endian Firewall /cgi-bin/logs_log.cgi DATE Perl Command Injection
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_log.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open() call, which allows command injection due to an incomplete reโฆ
8.7
CVE-2026-34794 - Endian Firewall /cgi-bin/logs_ids.cgi DATE Perl Command Injection
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_ids.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open() call, which allows command injection due to an incomplete reโฆ
8.7
CVE-2026-34793 - Endian Firewall /cgi-bin/logs_firewall.cgi DATE Perl Command Injection
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_firewall.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open() call, which allows command injection due to an incompleโฆ
8.7
CVE-2026-34792 - Endian Firewall /cgi-bin/logs_clamav.cgi DATE Perl Command Injection
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_clamav.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open() call, which allows command injection due to an incompleteโฆ
8.7
CVE-2026-34791 - Endian Firewall /cgi-bin/logs_proxy.cgi DATE Perl Command Injection
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_proxy.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open() call, which allows command injection due to an incomplete โฆ
7.1
CVE-2026-34790 - Endian Firewall /cgi-bin/backup.cgi remove ARCHIVE Directory Traversal
Endian Firewall version 3.3.25 and prior allow authenticated users to delete arbitrary files via directory traversal in the remove ARCHIVE parameter to /cgi-bin/backup.cgi. The remove ARCHIVE parameter value is used to construct a file path without sanitization of directory traversal sequences, whiโฆ
5.3
CVE-2026-5344 - Textpattern XML-RPC TXP_RPCServer.php mt_uploadImage path traversal
A security vulnerability has been detected in Textpattern up to 4.9.1. Affected by this vulnerability is the function mt_uploadImage of the file rpc/TXP_RPCServer.php of the component XML-RPC Handler. The manipulation of the argument file.name leads to path traversal. Remote exploitation of the attโฆ
8.7
CVE-2026-34728 - phpMyFAQ: Path Traversal - Arbitrary File Deletion in MediaBrowserController
phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the MediaBrowserController::index() method handles file deletion for the media browser. When the fileRemove action is triggered, the user-supplied name parameter is concatenated with the base upload directory path without any pโฆ