CVE-2026-6984

A security flaw has been discovered in AstrBotDevs AstrBot up to 4.22.1. This affects the function createtemplate of the file astrbot/dashboard/routes/t2i.py of the component Dashboard API. The manipulation results in improper neutralization of special elements used in a template engine. The atta...

EUVD-2024-53591

Malicious code in bioql PyPI...

CVE-2024-57450

ChestnutCMS =1.5.0 is vulnerable to File Upload via the Create template function...

CVE-2024-57450

ChestnutCMS =1.5.0 is vulnerable to File Upload via the Create template function...

CVE-2024-57450

ChestnutCMS =1.5.0 is vulnerable to File Upload via the Create template function...

CVE-2023-34209

Exposure of Sensitive System Information to an Unauthorized Control Sphere in create template function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to obtain the absolute path via unencrypted VIEWSTATE parameter...

CVE-2023-34209

Exposure of Sensitive System Information to an Unauthorized Control Sphere in create template function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to obtain the absolute path via unencrypted VIEWSTATE parameter...

CVE-2023-34209 Exposure of Sensitive System Information to an Unauthorized Control Sphere in EasyUse MailHunter Ultimate

Exposure of Sensitive System Information to an Unauthorized Control Sphere in create template function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to obtain the absolute path via unencrypted VIEWSTATE parameter...

PT-2023-24737 · Easyuse · Easyuse Mailhunter Ultimate

Name of the Vulnerable Software and Affected Versions: EasyUse MailHunter Ultimate versions 2023 and earlier Description: The issue allows remote authenticated users to perform arbitrary system commands with ‘NT AuthoritySYSTEM‘ privilege via a crafted ZIP archive. This is due to an unrestricted...