Lucene search
+L

280 matches found

EUVD
EUVD
added 2025/12/12 12:30 a.m.7 views

EUVD-2024-55329

FoF Pretty Mail has a server-side template injection vulnerability...

8.6CVSS6.9AI score0.00504EPSS
Exploits0References5
EUVD
EUVD
added 2025/12/12 12:30 a.m.6 views

EUVD-2024-55338

Akaunting 3.1.8 contains a server-side template injection vulnerability that allows authenticated administrators to execute template expressions in multiple form input fields. Attackers can inject template payloads in items, taxes, transactions, and vendor name fields to perform arithmetic...

8.6CVSS6.9AI score0.00309EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/12/11 9:35 p.m.20 views

CVE-2024-58293 Akaunting 3.1.8 Server-Side Template Injection via Multiple Form Fields

Akaunting 3.1.8 contains a server-side template injection vulnerability that allows authenticated administrators to execute template expressions in multiple form input fields. Attackers can inject template payloads in items, taxes, transactions, and vendor name fields to perform arithmetic...

8.6CVSS0.00309EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.6 views

Pretty Mail by FriendsOfFlarum 安全漏洞

Pretty Mail by FriendsOfFlarum is an open source tool from Friends of Flarum that allows you to make custom html templates for emails. A security vulnerability exists in Pretty Mail by FriendsOfFlarum version 1.1.2, which stems from a server-side template injection in an email template that could...

8.6CVSS6.9AI score0.00504EPSS
Exploits0References4
OSV
OSV
added 2025/12/04 8:43 p.m.7 views

CVE-2025-66571 UNA CMS 9.0.0-RC1 - 14.0.0-RC4 PHP Object Injection

UNA CMS versions 9.0.0-RC1 - 14.0.0-RC4 contain a PHP object injection vulnerability in BxBaseMenuSetAclLevel.php where the profileid POST parameter is passed to PHP unserialize without proper handling, allowing remote, unauthenticated attackers to inject arbitrary PHP objects and potentially wri...

9.3CVSS6.2AI score0.00522EPSS
Exploits0References7
CVE
CVE
added 2025/11/13 7:27 a.m.22 views

CVE-2025-12844

CVE-2025-12844 affects the WordPress plugin AI Engine (versions up to and including 3.1.8). It describes a PHP Object Injection via PHAR Deserialization in rest_simpleTranscribeAudio and rest_simpleVisionQuery. Impact is limited unless a PHP Object Injection (POP) chain exists in another plugin/t...

7.1CVSS6.6AI score0.00411EPSS
Exploits0References6
Patchstack
Patchstack
added 2025/10/21 12:55 p.m.8 views

WordPress Ajax Search Lite plugin <= 4.13.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Valentinos Chouris in WordPress Plugin Ajax Search Lite versions = 4.13.3...

9.8CVSS7.3AI score0.00231EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/10/16 6:32 p.m.5 views

CVE-2025-62416 bagisto - Server Side Template Injection (SSTI) in Product Description

Bagisto is an open source laravel eCommerce platform. Bagisto v2.3.7 is vulnerable to Server-Side Template Injection SSTI due to unsanitized user input being processed by the server-side templating engine when rendering product descriptions. This allows an attacker with product creation privilege...

5.1CVSS7.7AI score0.00377EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/10/16 12:0 a.m.7 views

Webkul Software Bagisto 安全漏洞

Webkul Software Bagisto is an open source e-commerce framework from Webkul Software, India. A security vulnerability exists in Webkul Software Bagisto version 2.3.7, which stems from the server-side template engine processing uncleaned user input, and could lead to server-side template injection...

6.8CVSS8AI score0.00377EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-3105

Malware in sbrugna...

9.1CVSS9.3AI score0.04982EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.40 views

EUVD-2021-1411

Malware in sbrugna...

9.8CVSS9.2AI score0.04821EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-28245

Malware in sbrugna...

7.2CVSS7AI score0.01886EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2021-32425

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00335EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2021-32424

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.0082EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.14 views

EUVD-2024-52978

Malicious code in bioql PyPI...

5.9CVSS6.6AI score0.00288EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-28293

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.01129EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-29045

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00666EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-32423

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00336EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-7032

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.01655EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-32427

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00313EPSS
Exploits0References1
Rows per page
Query Builder