3 matches found
EUVD-2024-3241
Malicious code in bioql PyPI...
CVE-2023-40035
CVE-2023-40035 affects Craft CMS. The vulnerability arises from bypassing or incomplete path normalization in FileHelper/absolutePath and related system path checks, enabling Remote Code Execution via Twig SSTI when a crafted path escapes system directories. Exploitation is described as requiring...
CVE-2023-40035
creationtimestamp| type| source ---|---|--- 2023-08-19 00:43:09+00:00| published-proof-of-concept| https://github.com/craftcms/cms/security/advisories/GHSA-44wr-rmwq-3phw 2023-08-24 00:14:19+00:00| seen| https://t.me/cibsecurity/69097 2024-11-13 16:07:59+00:00| seen|...