2 matches found
VulnCheck KEV: CVE-2025-34300
A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior to 9.16.14 via the ciwweb.pl http://ciwweb.pl/ Perl web application. Exploitation allows an unauthenticated attacker can execute arbitrary commands...
The vulnerability of the ciwweb.pl script, a software used for creating and conducting surveys with Lighthouse Studio, allows a perpetrator to execute arbitrary code.
The vulnerability of the ciwweb.pl script used by Lighthouse Studio for creating and conducting surveys is related to the improper elimination of special elements used in the templater. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...