54 matches found
GHSA-X6M9-38VM-2XHF Scriban has an authorization bypass due to stale include cache surviving TemplateContext.Reset()
Summary TemplateContext.Reset claims that a TemplateContext can be reused safely on the same thread, but it does not clear CachedTemplates. If an application pools TemplateContext objects and uses an ITemplateLoader that resolves content per request, tenant, or user, a previously authorized inclu...
Scriban has an authorization bypass due to stale include cache surviving TemplateContext.Reset()
Summary TemplateContext.Reset claims that a TemplateContext can be reused safely on the same thread, but it does not clear CachedTemplates. If an application pools TemplateContext objects and uses an ITemplateLoader that resolves content per request, tenant, or user, a previously authorized inclu...
VulnCheck KEV: CVE-2023-5815
The News & Blog Designer Pack – WordPress Blog Plugin — Blog Post Grid, Blog Post Slider, Blog Post Carousel, Blog Post Ticker, Blog Post Masonry plugin for WordPress is vulnerable to Remote Code Execution via Local File Inclusion in all versions up to, and including, 3.4.1 via the bdpgetmorepost...
GHSA-6J75-5WFJ-GH66 Twig has a possible sandbox bypass
Description Under some circumstances, the sandbox security checks are not run which allows user-contributed templates to bypass the sandbox restrictions. The security issue happens when all these conditions are met: The sandbox is disabled globally; The sandbox is enabled via a sandboxed include...
WordPress plugin Web Directory Free 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in th...
CVE-2024-5762
Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Zen Cart. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2024-5762
CVE-2024-5762 (Zen Cart) : Local File Inclusion leading to Remote Code Execution in the findPluginAdminPage function. Root cause is insufficient validation of user-supplied data before passing it to PHP include, allowing an unauthenticated attacker to execute arbitrary code on affected installati...
CVE-2024-5762 Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability
Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Zen Cart. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2024-5762 Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability
Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Zen Cart. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
PT-2024-37129 · Zen Cart · Zen Cart
Name of the Vulnerable Software and Affected Versions: Zen Cart affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Zen Cart. The specific flaw exists within the findPluginAdminPage function, resulting from the lac...
PT-2024-3331 · D Link · D-Link Dir-845L
Name of the Vulnerable Software and Affected Versions: D-LINK DIR-845L versions =v1.01KRb03 Description: The issue is related to insufficient protection of internal data when handling the file parameter, potentially allowing a remote attacker to gain unauthorized access to protected information...
Trend Micro Apex Central widget WFProxy Local File Inclusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the getObjWGFServiceApiByApiName function. The issue results from the lack of prope...
PT-2023-32349 · WordPress · The News & Blog Designer Pack
Name of the Vulnerable Software and Affected Versions: The News & Blog Designer Pack – WordPress Blog Plugin versions up to, and including, 3.4.1 Description: The issue is related to Remote Code Execution via Local File Inclusion. This is due to the bdp get more post function utilizing an unsafe...
Cacti link Local File Inclusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cacti. Authentication is required to exploit this vulnerability. The specific flaw exists within the link endpoint. The issue results from the lack of proper validation of data retrieved from the...
Advantech R-SeeNet device_status Local File Inclusion Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Advantech R-SeeNet. Authentication is required to exploit this vulnerability. The specific flaw exists within the devicestatus page. The issue results from the lack of proper validation of user-supplied...
Code injection
The ND Shortcodes WordPress plugin before 7.0 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as subscriber to perform LFI attacks...
CVE-2023-1274
The Pricing Tables For WPBakery Page Builder formerly Visual Composer WordPress plugin before 3.0 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as subscriber to perform LFI attacks...
Luocms 跨站脚本漏洞
Luocms is an article management system. A cross-site scripting vulnerability exists in Luocms v2.0, which stems from a lack of data validation filtering of user-supplied data and output in /admin/news/sortadd.php and /inc/function.php. An attacker could use this vulnerability to execute JavaScrip...
CVE-2020-20907
MetInfo 7.0 beta is affected by a file modification vulnerability. Attackers can delete and modify ini files in app/system/language/admin/languagegeneral.class.php and app/system/include/function/file.func.php...
CVE-2005-3056
TWiki is affected by CVE-2005-3056 due to an arbitrary shell command execution flaw in the Include function. The vulnerability enables an attacker to execute commands on the server when TWiki processes Include, with network access, no authentication, and no user interaction required in the CVSS a...