Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/02/03 11:32 p.m.35 views

CVE-2026-1813 bolo-blog bolo-solo FreeMarker Template PicUploadProcessor.java unrestricted upload

A vulnerability was found in bolo-blog bolo-solo up to 2.6.4. Affected is an unknown function of the file src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java of the component FreeMarker Template Handler. The manipulation of the argument File results in unrestricted upload. It is possibl...

6.5CVSS0.00333EPSS
Exploits1References5
CVE
CVE
added 2026/01/08 3:12 p.m.11 views

CVE-2026-22244

OpenMetadata is affected by CVE-2026-22244 due to Server-Side Template Injection (SSTI) in FreeMarker email templates. Affected versions: prior to 1.11.4; exploitation requires administrative privileges and can lead to remote code execution. OpenMetadata 1.11.4 contains a patch. References and Re...

9.4CVSS7.9AI score0.0076EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/10/17 12:0 a.m.8 views

CVE-2025-56316

A SQL injection vulnerability in the contenttitle parameter of the /cms/content/list endpoint in MCMS 5.5.0 allows remote attackers to execute arbitrary SQL queries via unsanitized input in the FreeMarker template rendering...

0.0058EPSS
Exploits1References2
OSV
OSV
added 2021/02/19 11:15 p.m.4 views

CVE-2020-12873

An issue was discovered in Alfresco Enterprise Content Management ECM before 6.2.1. A user with privileges to edit a FreeMarker template e.g., a webscript may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running Alfresco...

8.8CVSS6AI score0.01616EPSS
Exploits1References2
Rows per page
Query Builder