Lucene search
K

5 matches found

NVD
NVD
added 2018/08/06 8:29 p.m.21 views

CVE-2018-14716

A Server Side Template Injection SSTI was discovered in the SEOmatic plugin before 3.1.4 for Craft CMS, because requests that don't match any elements incorrectly generate the canonicalUrl, and can lead to execution of Twig code...

7.5CVSS7.7AI score0.33034EPSS
Exploits3References6
Cvelist
Cvelist
added 2018/08/06 8:0 p.m.23 views

CVE-2018-14716

A Server Side Template Injection SSTI was discovered in the SEOmatic plugin before 3.1.4 for Craft CMS, because requests that don't match any elements incorrectly generate the canonicalUrl, and can lead to execution of Twig code...

7.7AI score0.33034EPSS
Exploits3References6
CVE
CVE
added 2018/08/06 8:0 p.m.68 views

CVE-2018-14716

CVE-2018-14716 affects the SEOmatic plugin for Craft CMS (before 3.1.4). A Server Side Template Injection (SSTI) occurs because requests that don’t match any elements cause an incorrect canonicalUrl, enabling execution of Twig code. Documented exploits exist (exploit-db PoC) and public advisories...

7.5CVSS7.6AI score0.33034EPSS
Exploits3References6Affected Software1
Circl
Circl
added 2018/07/31 1:56 p.m.6 views

CVE-2018-14716

creationtimestamp| type| source ---|---|--- 2018-07-31 13:56:42+00:00| published-proof-of-concept| https://t.me/antichat/1854 2018-07-31 15:30:30+00:00| published-proof-of-concept| https://t.me/canyoupwnme/4182...

7.5CVSS7.4AI score0.33034EPSS
Exploits3References2
exploitpack
exploitpack
added 2018/07/31 12:0 a.m.31 views

Craft CMS SEOmatic plugin 3.1.4 - Server-Side Template Injection

Craft CMS SEOmatic plugin 3.1.4 - Server-Side Template Injection Exploit Title: Craft CMS SEOmatic plugin 3.1.4 - Server-Side Template Injection Date: 2018-07-20 Software Link: https://github.com/nystudio107/craft-seomatic Exploit Author: Sebastian Kriesten 0xB455 Contact:...

5CVSS7.8AI score0.33034EPSS
Exploits3
Rows per page
Query Builder