7 matches found
EUVD-2021-22092
Malware in sbrugna...
CVE-2021-35450
A Server Side Template Injection in the Entando Admin Console 6.3.9 and before allows a user with privileges to execute FreeMarker template with command execution via freemarker.template.utility.Execute...
CVE-2021-35450
A Server Side Template Injection in the Entando Admin Console 6.3.9 and before allows a user with privileges to execute FreeMarker template with command execution via freemarker.template.utility.Execute...
Sql injection
A Server Side Template Injection in the Entando Admin Console 6.3.9 and before allows a user with privileges to execute FreeMarker template with command execution via freemarker.template.utility.Execute...
CVE-2021-35450
CVE-2021-35450 concerns a Server Side Template Injection in the Entando Admin Console, affecting version 6.3.9 and earlier. The flaw allows a user with privileges to trigger FreeMarker template execution via freemarker.template.utility.Execute, potentially enabling command execution. According to...
CVE-2021-35450
A Server Side Template Injection in the Entando Admin Console 6.3.9 and before allows a user with privileges to execute FreeMarker template with command execution via freemarker.template.utility.Execute...
Entando Admin Console注入漏洞
entando-admin-console is a software application. This project generates an older version of the Entando Admin Console and its required services. A security vulnerability exists in Entando Admin Console 6.3.9 that allows a privileged user to execute a FreeMarker template via the FreeMarker...