📦 Kirby

This is a path traversal vulnerability in Kirby CMS that allows attackers to access and execute arbitrary files on the server when dynamic collection names are used. It affects Kirby sites using the c...

This is a path traversal vulnerability in Kirby CMS that allows attackers to read and execute arbitrary files on the server when dynamic snippet names are used. It affects Kirby sites using the snippe...

This vulnerability in Kirby CMS allows attackers with Panel access to manipulate language definitions despite permission restrictions. Users with restricted roles could update existing language defini...

This CVE describes a stored cross-site scripting (XSS) vulnerability in Kirby CMS's image block functionality. Authenticated attackers can inject malicious HTML into image source, alt, and link fields...

This vulnerability allows cross-site scripting (XSS) attacks in Kirby CMS Panel's ListItem component. Authenticated Panel users can escalate privileges by exploiting admin sessions, while visitors wit...

This vulnerability allows users with restricted permissions to bypass intended write restrictions in Kirby CMS. Attackers with authenticated access can modify site content even when their role is conf...

This is a stored cross-site scripting (XSS) vulnerability in Kirby CMS where attackers with Panel access can inject malicious code into page titles or usernames. When another authenticated user views ...