21 matches found
EUVD-2021-30809
Malicious code in bioql PyPI...
CVE-2024-7093
Dispatch's notification service uses Jinja templates to generate messages to users. Jinja permits code execution within blocks, which were neither properly sanitized nor sandboxed. This vulnerability enables users to construct command line scripts in their custom message templates, which are then...
CVE-2020-25093
Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in blog.php within application/views/templates/clothesshop, application/views/templates/onepage, and application/views/templates/redlabel...
CVE-2025-26520
Cacti through 1.2.29 allows SQL injection in the template function in hosttemplates.php via the graphtemplate parameter. NOTE: this issue exists because of an incomplete fix for CVE-2024-54146...
CVE-2025-25106 WordPress Starter Templates by FancyWP plugin <= 2.0.0 - CSRF to Arbitrary Plugin Installation vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in FancyWP Starter Templates by FancyWP starter-templates allows Cross Site Request Forgery. This issue affects Starter Templates by FancyWP: from n/a through <= 2.0.0...
WordPress plugin Royal Elementor Addons and Templates security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
The vulnerability of the Layout Templates component of the Oracle BI Publisher software allows a malicious individual to gain access to, modify, or delete data.
The vulnerability of the Layout Templates component in the Oracle BI Publisher reporting software lies in insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain read access, modify data, or even delete data...
WordPress plugin Royal Elementor Addons and Templates security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin Royal Elementor Addons and Templates security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
CVE-2023-42089
Foxit PDF Reader templates Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...
WordPress plugin Royal Elementor Addons and Templates security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on PHP and MySQL servers. WordPress plugin is an...
The vulnerability of the Royal Elementor Addons and Templates plugin of the WordPress content management system allows a hacker to execute arbitrary code by loading a specially created file.
The vulnerability of the Royal Elementor Addons and Templates plugin of the WordPress content management system is related to the ability to download files of a dangerous type without limitation. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code by downloading ...
CVE-2023-25344
An issue was discovered in swig-templates through 2.0.4 and swig through 1.4.2 that allows attackers to execute arbitrary code via crafted Object.prototype anonymous function...
swig security vulnerability
swig is a JavaScript template engine open-sourced by node-swig. A security vulnerability exists in swig-templates through version 2.0.4 and swig through version 1.4.2, which originated from a vulnerability that allows an attacker to execute arbitrary code via a crafted Object.prototype anonymous functi...
CVE-2023-25345
Directory traversal vulnerability in swig-templates through 2.0.4 and swig through 1.4.2 allows attackers to read arbitrary files via the include or extends tags...
1095h-cli (=1.0.1), 5coder-pages (=0.2.0) +548 more potentially affected by CVE-2023-25345 via swig-templates (>=2.0.2 <=2.0.3)
swig-templates NPM version =2.0.2, =1.0.0, =1.0.0, =0.0.1, =0.0.1, =1.0.0, =0.1.0, =1.0.0, =0.0.1, =0.0.1-alpha.0 and more Source cves: CVE-2023-25345 Source advisory: SNYK:JS-SWIGTEMPLATES-3266805...
CVE-2022-3073 Quanos Schema ST4 example templates prone to XSS
Quanos "SCHEMA ST4" example web templates in version Bootstrap 2019 v2/2021 v1/2022 v1/2022 SP1 v1 or below are prone to JavaScript injection allowing a remote attacker to hijack existing sessions to e.g. other web services in the same environment or execute scripts in the user's browser...
The vulnerability of the standard library of Windows operating system templates allows attackers to escalate their privileges and execute arbitrary code.
The vulnerability of the standard library of Windows operating system templates is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to escalate their privileges and execute arbitrary code...
Improper authorization on /rest/project-templates/1.0/createshared endpoint - CVE-2020-4029
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate project names via an improper authorization vulnerability in the /rest/project-templates/1.0/createshared API endpoint. Affected versions: version < 8.5.5, 8.6.0 ≤ version < 8.7.2, 8.8.0 ≤ version...
CVE-2020-2571
Vulnerability in the Oracle VM Server for SPARC product of Oracle Systems component: Templates. The supported version that is affected is 3.6. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM Server for SPARC executes to compromise...