7211 matches found
Remote code execution
A Remote Code Execution RCE vulnerability exists in LimeSurvey 5.2.4 via the upload and install plugins function, which could let a remote malicious user upload an arbitrary PHP code file...
CVE-2022-24708 Stored XSS vulnerability in anuko/timetracker
Anuko Time Tracker is an open source, web-based time tracking application written in PHP. ttUser.class.php in Time Tracker versions prior to 1.20.0.5646 was not escaping primary group name for display. Because of that, it was possible for a logged in user to modify primary group name with element...
CVE-2021-44967
LimeSurvey 5.2.4 is affected by a Remote Code Execution (RCE) via the Upload & Install Plugins function. The vulnerability allows a remote authenticated user to upload an arbitrary PHP code file and execute it on the server (e.g., a reverse shell), as demonstrated by multiple PoCs/exploits linked...
CVE-2021-44967
A Remote Code Execution RCE vulnerability exists in LimeSurvey 5.2.4 via the upload and install plugins function, which could let a remote malicious user upload an arbitrary PHP code file. NOTE: the Supplier's position is that plugins intentionally can contain arbitrary PHP code, and can only be...
CVE-2022-24664
PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress metaboxes, which could be used by any user able to edit posts...
CVE-2022-24665
PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via a WordPress gutenberg block by any user able to edit posts...
CVE-2022-24664
PHP Everywhere <= 2.0.3 included functionality that allowed execution of PHP Code Snippets via WordPress metaboxes, which could be used by any user able to edit posts.
PHPUnit Command Injection Vulnerability
PHPUnit allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI...
CVE-2022-23614
Twig is an open source template language for PHP. When in a sandbox mode, the arrow parameter of the sort filter must be a closure to avoid attackers being able to run arbitrary PHP functions. In affected versions this constraint was not properly enforced and could lead to code injection of...
CVE-2022-23614 Code injection in Twig
Twig is an open source template language for PHP. When in a sandbox mode, the arrow parameter of the sort filter must be a closure to avoid attackers being able to run arbitrary PHP functions. In affected versions this constraint was not properly enforced and could lead to code injection of...
Ad Inserter < 2.7.11 - Admin+ RCE / Stored XSS
The plugin does not make any security checks regarding the PHP and JS code in blocks, allowing high privilege users such as admin to execute commands on the underlying OS as well as perform Stored Cross-Site Scripting attacks even in multisite blogs and hardened ones. 1. Go to Settings - Ad...
Command Injection
mustache/mustache is vulnerable to command injection. The vulnerability exists in section function of Compiler.php which allows an attacker to control the value of the sections tag and execute arbitrary php code...
Mageia: Security Advisory (MGASA-2017-0141)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Mageia: Security Advisory (MGASA-2014-0468)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Mageia: Security Advisory (MGASA-2018-0118)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
GHSA-4RMR-C2JX-VX27 Mustache remote code injection vulnerability
In Mustache.php v2.0.0 through v2.14.0, Sections tag can lead to arbitrary php code execution even if strict_callables is true when section value is controllable...
Mustache remote code injection vulnerability
In Mustache.php v2.0.0 through v2.14.0, Sections tag can lead to arbitrary php code execution even if strict_callables is true when section value is controllable...
Popup Builder < 4.0.7 - LFI to RCE
The plugin does not validate and sanitise the sgpbtype parameter before using it in a require statement, leading to a Local File Inclusion issue. Furthermore, since the beginning of the string can be controlled, the issue can lead to RCE vulnerability via wrappers such as PHAR Create a zip archiv...
PT-2022-13104 · Mustache +1
Name of the Vulnerable Software and Affected Versions: mustache/mustache versions 2.0.0 through 2.14.0 Description: The issue is related to the improper neutralization of special elements used in a template engine. This can lead to arbitrary PHP code execution, even when strict callables is set t...
mustache - Possible Remote Code Execution
huntr.dev reports: In Mustache.php v2.0.0 through v2.14.0, Sections tag can lead to arbitrary php code execution even if strict_callables is true when section value is controllable...