110 matches found
EUVD-2026-9916
OpenClaw versions prior to 2026.2.2 contain an exec approvals must be enabled allowlist bypass vulnerability that allows attackers to execute arbitrary commands by injecting command substitution syntax. Attackers can bypass the allowlist protection by embedding unescaped $ or backticks inside...
GHSA-3HCM-GGVF-RCH5 OpenClaw has an exec allowlist bypass via command substitution/backticks inside double quotes
Summary Exec approvals allowlist bypass via command substitution/backticks inside double quotes. Affected Packages / Versions - Package: openclaw npm - Affected: < 2026.2.2 Impact Only affects setups that explicitly enable the optional exec approvals allowlist feature. Default installs are...
CVE-2023-29134
An issue was discovered in the Cargo extension for MediaWiki through 1.39.3. There is mishandling of backticks to smartSplit...
EUVD-2025-28220
Malicious code in bioql PyPI...
EUVD-2023-33022
Malicious code in bioql PyPI...
EUVD-2023-28554
Malicious code in bioql PyPI...
Backticks not treated as string delimiters in html/template
...
OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute arbitrary commands via a crafted value to the m parameter. NOTE: third parties have disputed this because there is no analysis showing that the backtick command executes outside the context of the user account that entered the command line.
...
BIT-DOLIBARR-2021-33816
The website builder module in Dolibarr 13.0.2 allows remote PHP code execution because of an incomplete protection mechanism in which system, exec, and shellexec are blocked but backticks are not blocked...
CVE-2025-23026
jte Java Template Engine is a secure and lightweight template engine for Java and Kotlin. In affected versions Jte HTML templates with script tags or script attributes that include a Javascript template string backticks are subject to XSS. The javaScriptBlock and javaScriptAttribute methods in th...
GHSA-VH22-6C6H-RM8Q jte's HTML templates containing Javascript template strings are subject to XSS
Summary Jte HTML templates with script tags or script attributes that include a Javascript template string backticks are subject to XSS. Details The javaScriptBlock and javaScriptAttribute methods in the Escape class source do not escape backticks, which are used for Javascript template strings...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection due to the improper neutralization of special elements such as backticks in SQL commands. Remediation Upgrade mediawiki/cargo to version 3.7 or higher. References - Gerrit Mediawiki - GitHub Commit - Wikimedia Phabricator...
CVE-2024-47849 Backticks can allow the usage of not-allowed SQL functions
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows SQL Injection. This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1...
RHEL 9 : OpenShift Container Platform 4.13.3 (RHSA-2023:3540)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3540 advisory. Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built fr...
CVE-2023-29134
The CVE-2023-29134 issue affects the MediaWiki Cargo extension (versions through 1.39.3). The root cause is mishandling of backticks in smartSplit within Cargo, leading to vulnerability in the affected component. Documented impact indicates partial integrity and confidentiality concerns and a hig...
PT-2024-12205 · Mediawiki · Mediawiki Cargo Extension
Name of the Vulnerable Software and Affected Versions: MediaWiki Cargo extension versions through 1.39.3 Description: An issue was discovered in the Cargo extension for MediaWiki, where there is mishandling of backticks to smartSplit. Recommendations: For MediaWiki Cargo extension versions throug...
golang: html/template: backticks not treated as string delimiters
A flaw was found in Golang Go. This flaw allows a remote attacker to execute arbitrary code on the system, caused by not properly considering backticks as Javascript string delimiters. By sending a specially crafted request, an attacker could execute arbitrary code on the system...