VYPR
Vendor

Typemill

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2026-49133Jun 17, 2026
    risk 0.00cvss epss 0.00

    Typemill before 2.24.0 contains a path traversal vulnerability that allows authenticated attackers with Author-level privileges to read arbitrary files outside the content directory by supplying traversal sequences in the path query parameter passed to Storage::getFile() with an…

  • CVE-2026-24127Jan 23, 2026
    risk 0.00cvss epss 0.00

    Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template `login.twig` of versions 2.19.1 and below. The `username` value can be echoed back without proper…

  • CVE-2022-28053Apr 25, 2022
    risk 0.00cvss epss 0.01

    Typemill v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the upload function. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.