9 matches found
CVE-2026-27629
InvenTree is an Open Source Inventory Management System. Prior to version 1.2.3, insecure server-side templates can be hijacked to expose secure information to the client. When generating custom batch codes, the InvenTree server makes use of a customizable jinja2 template, which can be modified b...
CVE-2026-27629
InvenTree is an Open Source Inventory Management System. Prior to version 1.2.3, insecure server-side templates can be hijacked to expose secure information to the client. When generating custom batch codes, the InvenTree server makes use of a customizable jinja2 template, which can be modified b...
CVE-2026-27629 InvenTree Vulnerable to Server Side Template Injection (SSTI)
InvenTree is an Open Source Inventory Management System. Prior to version 1.2.3, insecure server-side templates can be hijacked to expose secure information to the client. When generating custom batch codes, the InvenTree server makes use of a customizable jinja2 template, which can be modified b...
EUVD-2026-8602
InvenTree is an Open Source Inventory Management System. Prior to version 1.2.3, insecure server-side templates can be hijacked to expose secure information to the client. When generating custom batch codes, the InvenTree server makes use of a customizable jinja2 template, which can be modified b...
CVE-2026-27629 InvenTree Vulnerable to Server Side Template Injection (SSTI)
InvenTree is an Open Source Inventory Management System. Prior to version 1.2.3, insecure server-side templates can be hijacked to expose secure information to the client. When generating custom batch codes, the InvenTree server makes use of a customizable jinja2 template, which can be modified b...
CVE-2026-27629
InvenTree prior to v1.2.3 is affected by a server-side template vulnerability in batch code generation. A staff user can modify the customizable Jinja2 template used during batch code creation via the API; if another user triggers the API call, the template executes in their user context, potenti...
CVE-2026-27629 InvenTree Vulnerable to Server Side Template Injection (SSTI)
InvenTree is an Open Source Inventory Management System. Prior to version 1.2.3, insecure server-side templates can be hijacked to expose secure information to the client. When generating custom batch codes, the InvenTree server makes use of a customizable jinja2 template, which can be modified b...
PT-2026-21846
Name of the Vulnerable Software and Affected Versions InvenTree versions prior to 1.2.3 Description InvenTree is an Open Source Inventory Management System. Prior to version 1.2.3, insecure server-side templates can be hijacked to expose secure information to the client. When generating custom...
Microsoft WinXP sp2/sp3 local system privilege escalation exploit
Exploit for windows platform in category local exploits Microsoft WinXP sp2/sp3 local system privilege escalation exploit Platform: Windows XP SP2/SP3 Type: local Exploit Author: Todor Donev [email protected] Good luck and Have fun!! Kind regards to so sweet baby Tsvetelina Emirska Thank you...