Lucene search
+L

12 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-1337

Malicious code in bioql PyPI...

10CVSS8.8AI score0.01082EPSS
Exploits0References3
redhatcve
redhatcve
added 2025/05/22 6:54 p.m.6 views

CVE-2021-46433

In fenom 2.12.1 and before, there is a way in fenom/src/Fenom/Template.php function getTemplateCodeto bypass sandbox to execute arbitrary PHP code when disablenativefuncs is true...

10CVSS7.8AI score0.01082EPSS
Exploits0
cnvd
cnvd
added 2022/03/30 12:0 a.m.51 views

fenom code injection vulnerability

fenom is a lightweight and fast PHP template engine. fenom 2.12.1 and earlier versions are vulnerable to code injection, which stems from a failure to properly filter the construct command special characters, commands, etc. in the getTemplateCode function of fenom/src/Fenom/Template.php, which ca...

10CVSS4.5AI score0.01082EPSS
Exploits0References1
osv
osv
added 2022/03/29 12:1 a.m.14 views

GHSA-674V-3G2W-84GX Sandbox bypass in fenom

In fenom 2.12.1 and before, there is a way in fenom/src/Fenom/Template.php function getTemplateCodeto bypass sandbox to execute arbitrary PHP code when disablenativefuncs is true...

10CVSS9.8AI score0.01082EPSS
Exploits0References3
github
github
added 2022/03/29 12:1 a.m.34 views

Sandbox bypass in fenom

In fenom 2.12.1 and before, there is a way in fenom/src/Fenom/Template.php function getTemplateCodeto bypass sandbox to execute arbitrary PHP code when disablenativefuncs is true...

10CVSS3.1AI score0.01082EPSS
Exploits0References3Affected Software1
nvd
nvd
added 2022/03/28 11:15 a.m.28 views

CVE-2021-46433

In fenom 2.12.1 and before, there is a way in fenom/src/Fenom/Template.php function getTemplateCodeto bypass sandbox to execute arbitrary PHP code when disablenativefuncs is true...

10CVSS0.01082EPSS
Exploits0References1
osv
osv
added 2022/03/28 11:15 a.m.16 views

CVE-2021-46433

In fenom 2.12.1 and before, there is a way in fenom/src/Fenom/Template.php function getTemplateCodeto bypass sandbox to execute arbitrary PHP code when disablenativefuncs is true...

10CVSS9.8AI score
Exploits0References1
attackerkb
attackerkb
added 2022/03/28 11:15 a.m.9 views

CVE-2021-46433

In fenom 2.12.1 and before, there is a way in fenom/src/Fenom/Template.php function getTemplateCodeto bypass sandbox to execute arbitrary PHP code when disablenativefuncs is true...

10CVSS8.2AI score0.01082EPSS
Exploits0References2
prion
prion
added 2022/03/28 11:15 a.m.18 views

Spoofing

In fenom 2.12.1 and before, there is a way in fenom/src/Fenom/Template.php function getTemplateCodeto bypass sandbox to execute arbitrary PHP code when disablenativefuncs is true...

6.8CVSS9.8AI score0.01082EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2022/03/28 10:51 a.m.32 views

CVE-2021-46433

In fenom 2.12.1 and before, there is a way in fenom/src/Fenom/Template.php function getTemplateCodeto bypass sandbox to execute arbitrary PHP code when disablenativefuncs is true...

10AI score0.01082EPSS
Exploits0References1
cve
cve
added 2022/03/28 10:51 a.m.94 views

CVE-2021-46433

CVE-2021-46433 concerns Fenom (PHP template engine) up to version 2.12.1 and earlier. The vulnerability lies in fenom/src/Fenom/Template.php, function getTemplateCode(), where a sandbox bypass can occur when disable_native_funcs is true, enabling arbitrary PHP code execution. Public records acros...

10CVSS9.8AI score0.01082EPSS
Exploits0References1Affected Software1
cnnvd
cnnvd
added 2022/03/28 12:0 a.m.4 views

fenom 安全漏洞

fenom is a lightweight and fast PHP template engine. fenom 2.12.1 and earlier versions are vulnerable to code injection, which stems from a failure to properly filter the construct command special characters, commands, etc. in the getTemplateCode function of fenom/src/Fenom/Template.php, which ca...

10CVSS6.2AI score0.01082EPSS
Exploits0References2
Rows per page
Query Builder