Lucene search
K

4 matches found

Veracode
Veracode
added 2024/05/29 6:39 a.m.8 views

Code Injection

silverstripe/framework is vulnerable to Code Injection. The vulnerability is due to the improper handling of associative arrays in the second argument of renderWith, where unsanitized user input can be passed directly as a value...

7.2AI score
Exploits0
OSV
OSV
added 2024/05/27 11:7 p.m.5 views

GHSA-VGXH-X8JV-HMFF silverstripe/framework code execution vulnerability

There is a vulnerability whereby arbitrary global functions may be executed if malicious user input is passed through to in the second argument of ViewableData::renderWith. This argument resolves associative arrays as template placeholders. This exploit requires that user code has been written...

7.5CVSS7.3AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2024/05/27 11:7 p.m.10 views

silverstripe/framework code execution vulnerability

There is a vulnerability whereby arbitrary global functions may be executed if malicious user input is passed through to in the second argument of ViewableData::renderWith. This argument resolves associative arrays as template placeholders. This exploit requires that user code has been written...

7.3AI score
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/05/27 12:0 a.m.12 views

PT-2024-40477 · Silverstripe · Silverstripe/Framework

Name of the Vulnerable Software and Affected Versions: Silverstripe Framework affected versions not specified Description: The issue allows arbitrary global functions to be executed if malicious user input is passed through as the second argument of ViewableData::renderWith. This occurs when the...

7.5CVSS7.1AI score
Exploits0References5
Rows per page
Query Builder