8 matches found
VulnCheck KEV: CVE-2020-9757
The SEOmatic component before 3.3.0 for Craft CMS allows Server-Side Template Injection that leads to RCE via malformed data to the metacontainers controller...
GHSA-6Q4J-8PJM-5MGC SEOmatic for CraftCMS allows Server-Side Template Injection
The Seomatic component before 3.2.46 for Craft CMS allows Server-Side Template Injection and information disclosure via malformed data to the metacontainers controller...
Server-Side Template Injection (SSTI)
nystudio107/craft-seomatic is vulnerable to server-side template injection. Lack of validation and sanitization allows an attacker to inject and execute arbitrary template variables that can lead to code execution via malicious data to the metacontainers controller...
CVE-2020-9757
The SEOmatic component before 3.3.0 for Craft CMS allows Server-Side Template Injection that leads to RCE via malformed data to the metacontainers controller...
CVE-2020-9757
The SEOmatic component before 3.3.0 for Craft CMS allows Server-Side Template Injection that leads to RCE via malformed data to the metacontainers controller...
Sql injection
The SEOmatic component before 3.3.0 for Craft CMS allows Server-Side Template Injection that leads to RCE via malformed data to the metacontainers controller...
CVE-2020-9757
The SEOmatic component before 3.3.0 for Craft CMS allows Server-Side Template Injection that leads to RCE via malformed data to the metacontainers controller...
CVE-2020-9757
The SEOmatic component before 3.3.0 for Craft CMS allows Server-Side Template Injection that leads to RCE via malformed data to the metacontainers controller. Recent assessments: Mad-robot at July 05, 2020 1:31pm UTC reported: Description- The SEOmatic component before 3.3.0 for Craft CMS allows...