19 matches found
Exploit for Code Injection in Sabberworm Php_Css_Parser
CVE-2020-13756 Vulnerable Environment Vulnerable test environ...
[SECURITY] [DLA 4333-1] php-horde-css-parser security update
Debian LTS Advisory DLA-4333-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson October 14, 2025 https://wiki.debian.org/LTS Package : php-horde-css-parser Version : 1.0.11-8+deb11u1 CVE ID : CVE-2020-13756 Debian Bug : Sabberworm PHP CSS Parser before 8.3.1 cal...
Debian dla-4333 : php-horde-css-parser - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4333 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4333-1 [email protected] https://www.debian.org/lts/security/...
Linux Distros Unpatched Vulnerability : CVE-2020-13756
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or...
GHSA-PHRQ-V4Q2-HMQ6 Sabberworm PHP CSS Parser Code injection vulnerability in allSelectors()
Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...
Sabberworm PHP CSS Parser Code injection vulnerability in allSelectors()
Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...
Remote Code Execution
sabberworm/php-css-parser is vulnerable to remote code execution. Untrusted user input is passed into eval when the functions allSelectors or getSelectorsBySpecificity are called which will lead to arbitrary code execution...
DEBIAN-CVE-2020-13756
Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...
CVE-2020-13756
Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...
CVE-2020-13756
Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...
Remote code execution
Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...
UBUNTU-CVE-2020-13756
Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...
CVE-2020-13756
Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...
CVE-2020-13756
Sabberworm PHP CSS Parser vulnerability CVE-2020-13756: before 8.3.1, the code calls eval on untrusted data via getSelectorsBySpecificity() or allSelectors(), enabling potential remote code execution. Affected product is Sabberworm PHP CSS Parser (and the php-horde-css-parser bundle). The issue i...
CVE-2020-13756
Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...
CVE-2020-13756
Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed...
PT-2020-13657 · Sabberworm +2 · Sabberworm Php Css Parser +2
Name of the Vulnerable Software and Affected Versions: Sabberworm PHP CSS Parser versions prior to 8.3.1 php-horde-css-parser version 1.0.8-1ubuntu1+esm1 and earlier Description: The issue is related to the parsing of uncontrolled CSS data, which could lead to remote code execution. The functions...
Sabberworm PHP CSS Code Injection
Sabberworm PHP CSS parser - Code injection =============================================================================== Identifiers ------------------------------------------------- CVE-2020-13756 CVSSv3 score ------------------------------------------------- 8.6 -...
Sabberworm PHP CSS Code Injection Vulnerability
Exploit for php platform in category web applications Sabberworm PHP CSS parser - Code injection =============================================================================== Identifiers ------------------------------------------------- CVE-2020-13756 CVSSv3 score...