8828 matches found

OSV (added 2022/11/01 12:00 p.m., 0 views)

GHSA-MMMH-WCXM-2WR4 Spring Security authorization rules can be bypassed via forward or include dispatcher types

Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to authorization rules bypass via forward or include dispatcher types. Specifically, an application is vulnerable when all of the following are true: The application expects that Spring Security applies...

CVSS 9.8, AI score 6.7, EPSS 0.07387. Exploits 3, References 4.
OSV (added 2022/10/31 8:15 p.m., 1 view)

UBUNTU-CVE-2022-31692

Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to authorization rules bypass via forward or include dispatcher types. Specifically, an application is vulnerable when all of the following are true: The application expects that Spring Security applies...

CVSS 9.8, AI score 6.7, EPSS 0.07387. Exploits 3, References 3.
BDU FSTEC (added 2022/09/30 12:00 a.m., 2 views)

The vulnerability of the Apache Struts software platform, related to improper code generation management, allows attackers to execute arbitrary code.

The vulnerability of the Apache Struts software framework is related to improper code generation during the processing of the includeParams attribute. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially crafted request...

CVSS 8.1, AI score 8.2, EPSS 0.8761. Exploits 9, References 5, Affected Software 2.
Openbugbounty (added 2022/09/29 12:34 p.m., 15 views)

semba.keizai.biz Cross Site Scripting vulnerability OBB-2965164

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.2. Exploits 0.
CNNVD (added 2022/09/28 12:00 a.m., 2 views)

Sensio Labs Twig Path Traversal Vulnerability

Sensio Labs Twig is a PHP templating engine from Sensio Labs, France, which supports custom tags and filters and creates DSLs. A path traversal vulnerability exists in Sensio Labs Twig 1.0.0 and later, versions prior to 1.44.7, 2.0.0 and later, versions prior to 2.15.3, and 3.0.0 and later,...

CVSS 7.5, AI score 6.7, EPSS 0.09505. Exploits 0, References 17.
OSV (added 2022/09/22 10:15 p.m., 1 view)

CVE-2022-40089

A remote file inclusion (RFI) vulnerability in Simple College Website v1.0 allows attackers to execute arbitrary code via a crafted PHP file. This vulnerability is exploitable when the directive allow_url_include is set to On...

CVSS 9.8, AI score 6.1. Exploits 0, References 3.
Vulnrichment (added 2022/09/22 9:29 p.m., 5 views)

CVE-2022-40089

A remote file inclusion (RFI) vulnerability in Simple College Website v1.0 allows attackers to execute arbitrary code via a crafted PHP file. This vulnerability is exploitable when the directive allow_url_include is set to On...

AI score 7.8, EPSS 0.02869. Exploits 1, References 3.
BDU FSTEC (added 2022/09/21 12:00 a.m., 2 views)

The vulnerability of the OGNL expression transformation class implementation in the Apache Struts software platform allows a hacker to execute arbitrary code.

The vulnerability of the OGNL expression transformation class implementation in the Apache Struts software platform is related to incorrect code generation during the processing of the includeParams attribute. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a...

CVSS 10, AI score 8.2, EPSS 0.91096. Exploits 6, References 5, Affected Software 2.
Openbugbounty (added 2022/08/30 7:42 p.m., 13 views)

ms-mnhradiste.cz Cross Site Scripting vulnerability OBB-2878018

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.2. Exploits 0.
Openbugbounty (added 2022/08/13 7:55 a.m., 12 views)

aalborgstift.dk Cross Site Scripting vulnerability OBB-2841857

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.2. Exploits 0.
Openbugbounty (added 2022/07/09 5:19 p.m., 16 views)

nobull.com Cross Site Scripting vulnerability OBB-2749158

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.2. Exploits 0.
Huntr (added 2022/06/06 8:54 p.m., 30 views)

Stored XSS via Deserialization of Stylesheets

Description: Diagram files can contain stylesheets, which basically consist of key-value pairs that influence the appearance of diagram elements. When adding a stylesheet (mxStylesheet element), it is possible to execute JavaScript code when used in combination with the internal include element. Usuall...

CVSS 3.5, AI score 1.6, EPSS 0.00206. Exploits 1.
Github Security Blog (added 2022/05/25 8:15 p.m., 50 views)

PHP Code Injection by malicious block or filename in Smarty

Impact: Template authors could inject PHP code by choosing a malicious block name or include file name. Sites that cannot fully trust template authors should update asap. Patches: Please upgrade to the most recent version of Smarty v3 or v4. Workarounds: Is there a way for users to fix or remediate t...

CVSS 8.8, AI score 8.3, EPSS 0.25501. Exploits 1, References 12, Affected Software 1.
OSV (added 2022/05/24 5:20 p.m., 0 views)

GHSA-4HCH-R9XF-6VFR MJML vulnerable to path traversal

MJML prior to 4.6.3 contains a path traversal vulnerability when processing the mj-include directive within an MJML document...

CVSS 7.2, AI score 5.9, EPSS 0.02229. Exploits 4, References 6.
Github Security Blog (added 2022/05/24 5:20 p.m., 22 views)

MJML vulnerable to path traversal

MJML prior to 4.6.3 contains a path traversal vulnerability when processing the mj-include directive within an MJML document...

CVSS 7.2, AI score 6.8, EPSS 0.02229. Exploits 4, References 6, Affected Software 1.
OSV (added 2022/05/24 5:16 p.m., 16 views)

GHSA-6JF9-8M34-96W5 TeamPass PHP arbitrary file include vulnerability

TeamPass 2.1.27.36 allows any authenticated TeamPass user to trigger a PHP file include vulnerability via a crafted HTTP request with sources/users.queries.php newValue directory traversal...

CVSS 8.8, AI score 8.4, EPSS 0.02422. Exploits 1, References 4.
Github Security Blog (added 2022/05/24 5:16 p.m., 19 views)

TeamPass PHP arbitrary file include vulnerability

TeamPass 2.1.27.36 allows any authenticated TeamPass user to trigger a PHP file include vulnerability via a crafted HTTP request with sources/users.queries.php newValue directory traversal...

CVSS 8.8, AI score 6.6, EPSS 0.02422. Exploits 1, References 4, Affected Software 1.
OSV (added 2022/05/24 3:15 p.m., 0 views)

DEBIAN-CVE-2022-29221

Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choosing a malicious block name or include file name. Sites that cannot fully trust template authors shou...

CVSS 8.8, AI score 6.5, EPSS 0.25501. Exploits 1, References 1.
OSV (added 2022/05/24 3:15 p.m., 0 views)

UBUNTU-CVE-2022-29221

Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choosing a malicious block name or include file name. Sites that cannot fully trust template authors shou...

CVSS 8.8, AI score 6.7, EPSS 0.25501. Exploits 1, References 10.
OSV (added 2022/05/23 8:16 a.m., 2 views)

CVE-2022-0346

The XML Sitemap Generator for Google WordPress plugin before 2.0.4 does not validate a parameter which can be set to an arbitrary value, thus causing XSS via error message or RCE if allow_url_include is turned on...

CVSS 6.1, AI score 5.9, EPSS 0.03049. Exploits 1, References 1.