Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 10:20 a.m.4 views

CVE-2024-32406

Server-Side Template Injection SSTI vulnerability in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Batch-Issue Exam Tickets function...

7.5CVSS8.1AI score0.01109EPSS
Exploits1References1
NVD
NVD
added 2024/04/26 4:15 a.m.20 views

CVE-2024-32406

Server-Side Template Injection SSTI vulnerability in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Batch-Issue Exam Tickets function...

7.5CVSS7.7AI score0.01109EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/04/26 12:0 a.m.24 views

CVE-2024-32406

Server-Side Template Injection SSTI vulnerability in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Batch-Issue Exam Tickets function...

8AI score0.01109EPSS
Exploits1References1
CVE
CVE
added 2024/04/26 12:0 a.m.56 views

CVE-2024-32406

Relate Relate Learning and Teaching System (inducer relate) prior to 2024.1 is affected by a Server-Side Template Injection (SSTI) in the Batch-Issue Exam Tickets function, enabling remote arbitrary code execution. Concrete details across sources specify the vulnerability in inducer relate before...

7.5CVSS8AI score0.01109EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2024/04/25 12:0 a.m.6 views

relate 安全漏洞

Relate is a web-based learning and teaching environment. A security vulnerability exists in versions prior to relate 2024.1, which stems from a Template Injection SSTI vulnerability in the Batch Issue Exam Tickets feature...

7.5CVSS7AI score0.01109EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2024/04/24 12:0 a.m.325 views

Relate Learning And Teaching System SSTI / Remote Code Execution

Exploit Title: Relate Learning And Teaching system Version before 2024.1 SSTIBatch-Issue Exam Tickets function lead to RCE Date: 24/04/2024 Exploit Author: kai6u Vendor Homepage: https://github.com/inducer/ Software Link: https://github.com/inducer/relate Affected Version:before 2024.1...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/18 12:0 a.m.274 views

Relate Cross Site Scripting

Exploit Title: Relate Learning And Teaching system Version before 2024.1 Stored XSS Date: 18/04/2024 Exploit Author: kai6u Vendor Homepage: https://github.com/inducer/ Software Link: https://github.com/inducer/relate Affected Version:before 2024.1...

7.4AI score
Exploits0
Rows per page
Query Builder