EUVD-2020-12605

Malware in sbrugna...

Server-Side Template Injection (SSTI)

pyrocms/pyrocms is vulnerable to Server-Side Template Injection SSTI. The vulnerability exists due to dynamic templates used to generate web pages, which allows an admin authenticated attacker to inject a command which will execute arbitrary code on the server...

OTRS AG OTRSTicketForms Information Disclosure Vulnerability

OTRS AG OTRSTicketForms is a functional add-on from OTRS Germany. Using it it is possible to display different ticket masks and forms in the agent and external interfaces, depending on which dynamic fields are relevant for the customer request. An information disclosure vulnerability exists in OT...

CVE-2020-1779

When dynamic templates are used OTRSTicketForms, admin can use OTRS tags which are not masked properly and can reveal sensitive information. This issue affects: OTRS AG OTRSTicketForms 6.0.x version 6.0.40 and prior versions; 7.0.x version 7.0.29 and prior versions; 8.0.x version 8.0.3 and prior...

CVE-2020-1779

When dynamic templates are used OTRSTicketForms, admin can use OTRS tags which are not masked properly and can reveal sensitive information. This issue affects: OTRS AG OTRSTicketForms 6.0.x version 6.0.40 and prior versions; 7.0.x version 7.0.29 and prior versions; 8.0.x version 8.0.3 and prior...

CVE-2020-1779

When dynamic templates are used OTRSTicketForms, admin can use OTRS tags which are not masked properly and can reveal sensitive information. This issue affects: OTRS AG OTRSTicketForms 6.0.x version 6.0.40 and prior versions; 7.0.x version 7.0.29 and prior versions; 8.0.x version 8.0.3 and prior...

UBUNTU-CVE-2020-1779

When dynamic templates are used OTRSTicketForms, admin can use OTRS tags which are not masked properly and can reveal sensitive information. This issue affects: OTRS AG OTRSTicketForms 6.0.x version 6.0.40 and prior versions; 7.0.x version 7.0.29 and prior versions; 8.0.x version 8.0.3 and prior...

Information disclosure

When dynamic templates are used OTRSTicketForms, admin can use OTRS tags which are not masked properly and can reveal sensitive information. This issue affects: OTRS AG OTRSTicketForms 6.0.x version 6.0.40 and prior versions; 7.0.x version 7.0.29 and prior versions; 8.0.x version 8.0.3 and prior...

CVE-2020-1779 Dynamic templates reveal sensitive data when OTRS tags are used

When dynamic templates are used OTRSTicketForms, admin can use OTRS tags which are not masked properly and can reveal sensitive information. This issue affects: OTRS AG OTRSTicketForms 6.0.x version 6.0.40 and prior versions; 7.0.x version 7.0.29 and prior versions; 8.0.x version 8.0.3 and prior...

CVE-2020-1779

CVE-2020-1779 – Information disclosure in OTRS TicketForms : The issue affects OTRS AG OTRSTicketForms across 6.0.x (up to 6.0.40), 7.0.x (up to 7.0.29), and 8.0.x (up to 8.0.3). When dynamic templates are used, administrators can insert OTRS tags that are not properly masked, potentially reveali...

OTRS AG OTRSTicketForms 信息泄露漏洞

OTRS AG OTRSTicketForms is a functional add-on from OTRS Germany. Using it it is possible to display different ticket masks and forms in the agent and external interfaces, depending on which dynamic fields are relevant for the customer request. An information disclosure vulnerability exists in OT...

WD-CMS 3.0 - Multiple Vulnerabilities

No description provided by source. Exploit Title: WD-CMS 3.0 Multiple Vulnerabilities Date: December 31st, 2009 Author: Sora Software Link: http://www.webdiamond.net/cms.html Version: 3.0 Tested on: Windows Vista and Linux Backtrack 3 --------------------------------------------------------------...

Set sail for the enterprise built Station system cookie injection vulnerability-vulnerability warning-the black bar safety net

Sail mechanical and electrical equipment enterprise built Station system, The system do businesses stand dynamic templates, code interface separation, is a set of website user with no technical threshold, simple operation, convenient maintenance, powerful, secure and reliable website tool. Websit...

WD-CMS 3.0 XSS / File Disclosure

Exploit Title: WD-CMS 3.0 Multiple Vulnerabilities Date: December 31st, 2009 Author: Sora Software Link: http://www.webdiamond.net/cms.html Version: 3.0 Tested on: Windows Vista and Linux Backtrack 3 --------------------------------------------------------------- WD-CMS 3.0 Multiple Vulnerabiliti...

WD-CMS 3.0 - Multiple Vulnerabilities

WD-CMS 3.0 - Multiple Vulnerabilities Exploit Title: WD-CMS 3.0 Multiple Vulnerabilities Date: December 31st, 2009 Author: Sora Software Link: http://www.webdiamond.net/cms.html Version: 3.0 Tested on: Windows Vista and Linux Backtrack 3...

WD-CMS 3.0 - Multiple Vulnerabilities

Exploit Title: WD-CMS 3.0 Multiple Vulnerabilities Date: December 31st, 2009 Author: Sora Software Link: http://www.webdiamond.net/cms.html Version: 3.0 Tested on: Windows Vista and Linux Backtrack 3 --------------------------------------------------------------- WD-CMS 3.0 Multiple Vulnerabiliti...

WD-CMS 3.0 Multiple Vulnerabilities

Exploit for unknown platform in category web applications =================================== WD-CMS 3.0 Multiple Vulnerabilities =================================== Exploit Title: WD-CMS 3.0 Multiple Vulnerabilities Date: December 31st, 2009 Author: Sora Software Link:...