PT-2021-23459 · Apache · Apache Superset
Name of the Vulnerable Software and Affected Versions: Apache Superset versions up to and including 1.3.0 Description: The issue allows SQL injection when a malicious authenticated user sends an HTTP request with a custom URL, but only when Apache Superset is configured with ENABLE TEMPLATE...
Apache Superset up SQL injection vulnerability
Apache Superset is a modern enterprise-grade business intelligence web application. Apache Superset 1.3.0 and earlier versions have a SQL injection vulnerability when ENABLE_TEMPLATE_PROCESSING is enabled. An authenticated attacker can exploit this vulnerability by sending an HTTP request with a...
Remote Code Execution (RCE)
Cobbler is vulnerable to Remote Code Execution (RCE). A code injection flaw was found in the way Cobbler processed templates for kickstart files. A remote, authenticated user who has the Configuration Administrator role privilege could use this flaw to create a specially-crafted kickstart templa...
CVE-2020-7931
In Artifactory 5.x–6.x, insecure FreeMarker template processing allows remote code execution. The root cause is the DefaultObjectWrapper exposing Java functions to templates, enabling actions such as modifying a user’s .ssh/authorized_keys. Affected versions range from 5.11.8 to 6.16.0, with patc...
Foxit Reader XFA Form Template Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...
CVE-2019-6764
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Replication job task fails with "Cannot process VM, template processing is disabled"
Challenge: A replication job displays the following error message for a VM that was previously able to be replicated: "Task failed. Error: Cannot process vm-: template processing is disabled". Cause: This issue occurs when a VM that was added to a replication job is converted to a template...
DEDECMS website management system template execution vulnerability-vulnerability warning-the black bar safety net
DEDECMS website management system template execution vulnerability. If you are not careful, your server will be hacked, for example because the database password is too simple, the server password is too simple, or the CMS has vulnerabilities. The following is a DEDE template execution vulnerability. Vulnerability...