Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8
CVE-2025-26260
- EPSS 0.92%
- Veröffentlicht 12.03.2025 00:00:00
- Zuletzt bearbeitet 02.10.2025 15:55:48
Plenti <= 0.7.16 is vulnerable to code execution. Users uploading '.svelte' files with the /postLocal endpoint can define the file name as javascript codes. The server executes the uploaded file name in host, and cause code execution.
7.5
CVE-2024-49380
- EPSS 71.46%
- Veröffentlicht 25.10.2024 14:15:12
- Zuletzt bearbeitet 06.05.2025 17:53:30
Plenti, a static site generator, has an arbitrary file write vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable to an arbitrary file write vulnerability when a plenti user serves their website. This issue may lead to Re...
7.5
CVE-2024-49381
- EPSS 0.4%
- Veröffentlicht 25.10.2024 14:15:12
- Zuletzt bearbeitet 14.11.2024 23:04:21
Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable to an arbitrary file write deletion when a plenti user serves their website. This issue may lead to info...
1