3 matches found
SAS/Internet 9.4 1520 - Local File Inclusion
SAS/Internet 9.4 build 1520 and earlier allows local file inclusion. The samples library included by default in the appstart.sas file, allows end-users of the application to access the sample.webcsf1.sas program, which contains user-controlled macro variables that are passed to the DS2CSF macro...
CVE-2021-41569
creationtimestamp| type| source ---|---|--- 2021-11-19 20:17:08+00:00| seen| https://t.me/cibsecurity/32718 2023-04-27 09:58:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-41569.yaml 2024-11-22 00:00:00+00:00| seen| The Shadowserver...
CVE-2021-41569
CVE-2021-41569 affects SAS/Internet 9.4 build 1520 and earlier. A local file inclusion exists in the samples library (appstart.sas) where the sample.webcsf1.sas program contains user-controlled macro variables passed to the DS2CSF macro. Attackers can escape the context of the user-controlled var...