Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
| # | POC Description | Source Link | Shenlong Link |
|---|
No public POC found.
Login to generate AI POC| CVE-2026-50284 | Craft CMS: Missing peer-permission check in `AssetsController::actionDeleteFolder` allows | |
| CVE-2026-50280 | Craft CMS: Authorization bypass in `entries/move-to-section` via missing target-section sa | |
| CVE-2026-50279 | Craft CMS: Authorship spoofing in `entries/save-entry` via pre-check/post-mutation authori | |
| CVE-2026-50283 | Craft CMS: Unauthorized Deletion of Source Assets During File Replacement | |
| CVE-2026-55793 | Craft CMS: Stored XSS via Structure entry title in table view | |
| CVE-2026-55790 | Craft CMS: DOM XSS via GitHub issue title in CraftSupport widget | |
| CVE-2026-55792 | Craft CMS: Sensitive File Disclosure / Server-Side File Read | |
| CVE-2026-55794 | Craft CMS: Potential authenticated Remote Code Execution via referrer redirect |
No comments yet