Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
appercutInfoWatch APPERCUTAPPERCUT:22
HistoryAug 15, 2016 - 12:00 a.m.

Silver Stripe CMS: source code security analysis report

2016-08-1500:00:00
InfoWatch APPERCUT
infowatch.com
540
JSON

Several vulnerabilities were discovered in SilverStripe Limited ‘Silver Stripe CMS’ software:
Incorrect User Input Filtration when Connecting to External Files
File System Path Manipulation
Using Global Variables
Incorrect User Input Filtration when Using the unserialize Function
Incorrect Newline Symbol Filtration in HTTP-response Headers
Hardcoded Credentials
Using Insufficiently Random Generators in Cryptography
  Incorrect Permissions for External Entities During XML Document Processing
Incorrect User Input Filtration when Generating Code on the Fly
Using Obsolete jQuery Methods
Using Insufficiently Random Generators in Cryptography

CPENameOperatorVersion
silver stripe cmsle3.4.1
JSON