64 matches found
CVE-2026-5987
A security vulnerability has been detected in Sanluan PublicCMS up to 6.202506.d. This affects the function AbstractFreemarkerView.doRender of the file publiccms-parent/publiccms-core/src/main/java/com/publiccms/common/base/AbstractFreemarkerView.java of the component FreeMarker Template Handler...
CVE-2026-31380 Apache OFBiz: FreeMarker SSTI via Duplicate Parameter Sanitization Bypass
Improper Neutralization of Special Elements used in an Expression Language Statement 'Expression Language Injection' vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...
EUVD-2026-29749
An administrative user with access to configure webhooks can execute arbitrary commands by configuring and then triggering webhooks containing specific FreeMarker template syntax. This issue affects all MongoDB Ops Manager 7.0 versions and MongoDB Ops Manager versions 8.0.22 and prior...
CVE-2026-8431
An administrative user with access to configure webhooks can execute arbitrary commands by configuring and then triggering webhooks containing specific FreeMarker template syntax. This issue affects all MongoDB Ops Manager 7.0 versions and MongoDB Ops Manager versions 8.0.22 and prior...
CVE-2026-8431 Ops Manager RCE via webhook body
An administrative user with access to configure webhooks can execute arbitrary commands by configuring and then triggering webhooks containing specific FreeMarker template syntax. This issue affects all MongoDB Ops Manager 7.0 versions and MongoDB Ops Manager versions 8.0.22 and prior...
CVE-2026-8431 Ops Manager RCE via webhook body
An administrative user with access to configure webhooks can execute arbitrary commands by configuring and then triggering webhooks containing specific FreeMarker template syntax. This issue affects all MongoDB Ops Manager 7.0 versions and MongoDB Ops Manager versions 8.0.22 and prior...
CVE-2026-8431
MongoDB Ops Manager versions affected: 7.0 and 8.0.22 and earlier. The vulnerability arises from the Webhook feature: an administrative user who can configure webhooks can trigger arbitrary commands by including specific FreeMarker template syntax in webhook payloads. This is a remote-network, hi...
EUVD-2026-21237
A security vulnerability has been detected in Sanluan PublicCMS up to 6.202506.d. This affects the function AbstractFreemarkerView.doRender of the file publiccms-parent/publiccms-core/src/main/java/com/publiccms/common/base/AbstractFreemarkerView.java of the component FreeMarker Template Handler...
CVE-2026-5987
Summary (CVE-2026-5987): Sanluan PublicCMS uses the FreeMarker Template Handler; the issue is in AbstractFreemarkerView.doRender, within publiccms-core, possibly up to version 6.202506.d. The vulnerability arises from improper neutralization of special elements in the template engine, enabling re...
CVE-2026-5987 Sanluan PublicCMS FreeMarker Template AbstractFreemarkerView.java AbstractFreemarkerView.doRender special elements used in a template engine
A security vulnerability has been detected in Sanluan PublicCMS up to 6.202506.d. This affects the function AbstractFreemarkerView.doRender of the file publiccms-parent/publiccms-core/src/main/java/com/publiccms/common/base/AbstractFreemarkerView.java of the component FreeMarker Template Handler...
EUVD-2026-10228
A flaw has been found in 1024-lab/lab1024 SmartAdmin up to 3.29. Affected by this issue is the function freemarkerResolverContent of the file sa-base/src/main/java/net/lab1024/sa/base/module/support/mail/MailService.java of the component FreeMarker Template Handler. Executing a manipulation of th...
CVE-2026-3725
A flaw has been found in 1024-lab/lab1024 SmartAdmin up to 3.29. Affected by this issue is the function freemarkerResolverContent of the file sa-base/src/main/java/net/lab1024/sa/base/module/support/mail/MailService.java of the component FreeMarker Template Handler. Executing a manipulation of th...
CVE-2026-3725
A flaw has been found in 1024-lab/lab1024 SmartAdmin up to 3.29. Affected by this issue is the function freemarkerResolverContent of the file sa-base/src/main/java/net/lab1024/sa/base/module/support/mail/MailService.java of the component FreeMarker Template Handler. Executing a manipulation of th...
CVE-2026-3725
A flaw has been found in 1024-lab/lab1024 SmartAdmin up to 3.29. Affected by this issue is the function freemarkerResolverContent of the file sa-base/src/main/java/net/lab1024/sa/base/module/support/mail/MailService.java of the component FreeMarker Template Handler. Executing a manipulation of th...
CVE-2026-3725
CVE-2026-3725 affects 1024-lab/lab1024 SmartAdmin up to version 3.29. The issue resides in the FreeMarker Template Handler, specifically the function freemarkerResolverContent in MailService.java. Manipulating the argument template_content can lead to improper neutralization of special elements u...
CVE-2026-3725 1024-lab/lab1024 SmartAdmin FreeMarker Template MailService.java freemarkerResolverContent special elements used in a template engine
A flaw has been found in 1024-lab/lab1024 SmartAdmin up to 3.29. Affected by this issue is the function freemarkerResolverContent of the file sa-base/src/main/java/net/lab1024/sa/base/module/support/mail/MailService.java of the component FreeMarker Template Handler. Executing a manipulation of th...
PT-2026-23930
Name of the Vulnerable Software and Affected Versions 1024-lab/lab1024 SmartAdmin versions up to 3.29 Description A flaw exists in the freemarkerResolverContent function within the FreeMarker Template Handler component, specifically in the file...
datart 安全漏洞
Datart is an open-source data visualization platform developed by running-elephant. Version Datart v1.0.0-rc.3 contains a security vulnerability. This vulnerability stems from the improper cleaning of SQL script field inputs by the Freemarker template engine. It could allow authenticated attacker...
PT-2026-20267
Name of the Vulnerable Software and Affected Versions Datart version 1.0.0-rc.3 Description A Server-Side Template Injection SSTI flaw exists in the Freemarker template engine of Datart. Authenticated attackers can execute arbitrary code by injecting crafted Freemarker template syntax into the SQ...
CVE-2026-1813
A vulnerability was found in bolo-blog bolo-solo up to 2.6.4. Affected is an unknown function of the file src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java of the component FreeMarker Template Handler. The manipulation of the argument File results in unrestricted upload. It is possibl...