EUVD-2022-5869

Malicious code in bioql PyPI...

Sensio Labs Twig Path Traversal Vulnerability

Sensio Labs Twig is a PHP templating engine from Sensio Labs, France, which supports custom tags and filters and creates DSLs. A path traversal vulnerability exists in Sensio Labs Twig 1.0.0 and later, versions prior to 1.44.7, 2.0.0 and later, versions prior to 2.15.3, and 3.0.0 and later,...

Twig remote code execution in templates

The displayBlock function Template.php in Sensio Labs Twig before 1.20.0, when Sandbox mode is enabled, allows remote attackers to execute arbitrary code via the self variable in a template...

Sensio Labs Twig Injection Vulnerability

Sensio Labs Twig is a PHP template engine from the French company Sensio Labs that supports custom tags and filters and the creation of DSLs. Sensio Labs Twig is vulnerable to injection, which can be exploited by attackers to run arbitrary PHP functions...

Sensio Labs Twig 代码代码注入漏洞

Sensio Labs Twig is a PHP template engine from the French company Sensio Labs that supports custom tags and filters and the creation of DSLs. Sensio Labs Twig is vulnerable to injection, which can be exploited by attackers to run arbitrary PHP functions...

Sensio Labs Symfony 跨站请求伪造漏洞

Sensio Labs Symfony is a free French Sensio Labs , based on the MVC architecture of the PHP development framework . The framework provides commonly used functional components and tools that can be used to quickly create complex web programs. A cross-site request forgery vulnerability exists in...

Sensio Labs Symfony Input Validation Error Vulnerability

Sensio Labs Symfony is a free French Sensio Labs , based on the MVC architecture of the PHP development framework . The framework provides commonly used functional components and tools , can be used to quickly create complex WEB program . A security vulnerability exists in Sensio Labs Symfony...

Unspecified Vulnerability in Sensio Labs Symfony (CNVD-2020-29879)

Sensio Labs Symfony is a free French Sensio Labs , based on the MVC architecture of the PHP development framework . The framework provides commonly used functional components and tools , can be used to quickly create complex WEB program . An unspecified vulnerability exists in Sensio Labs Symfony...

Sensio Labs Symfony Code Execution Vulnerability

Sensio Labs Symfony is a free French Sensio Labs , based on the MVC architecture of the PHP development framework . The framework provides commonly used functional components and tools , can be used to quickly create complex WEB program . A code execution vulnerability exists in Sensio Labs Symfo...

Sensio Labs Symfony Competitive Conditions Issue Vulnerability

Sensio Labs Symfony is a free French Sensio Labs , based on the MVC architecture of the PHP development framework . The framework provides commonly used functional components and tools , can be used to quickly create complex WEB program . A competitive condition issue vulnerability exists in Sens...

Unspecified Vulnerability in Sensio Labs Symfony

Sensio Labs Symfony is a free French Sensio Labs , based on the MVC architecture of the PHP development framework . The framework provides commonly used functional components and tools , can be used to quickly create complex WEB program . A security vulnerability exists in Sensio Labs Symfony...

Sensio Labs Symfony Code Injection Vulnerability

Sensio Labs Symfony is a free French Sensio Labs , based on the MVC architecture of the PHP development framework . The framework provides commonly used functional components and tools , can be used to quickly create complex WEB program . A code injection vulnerability exists in Sensio Labs Symfo...

Sensio Labs Symfony Password validator Access Control Error Vulnerability

Sensio Labs Symfony is the French company Sensio Labs a set of free , MVC-based PHP development framework. The framework provides commonly used functional components and tools , can be used to quickly create complex WEB program . password validator is one of the password validation program . An...

Sensio Labs Symfony Cross-Site Request Forgery Vulnerability

Sensio Labs Symfony is a free French Sensio Labs , based on the MVC architecture of the PHP development framework . The framework provides commonly used functional components and tools , can be used to quickly create complex WEB program . A cross-site request forgery vulnerability exists in Sensi...

Sensio Labs Twig Information Disclosure Vulnerability

Sensio Labs Twig is a PHP templating engine from Sensio Labs, France, which supports custom tags and filters and creates DSLs. A security vulnerability exists in the sandbox in Sensio Labs Twig versions prior to 1.38.0 and 2.x versions prior to 2.7.0. The vulnerability can be exploited by an...

Sensio Labs Symfony HttpKernel Header Injection Vulnerability

Sensio Labs Symfony is a free French Sensio Labs , based on the MVC architecture of the PHP development framework. The framework provides commonly used functional components and tools , can be used to quickly create complex WEB program . HttpKernel is one of the use of EventDispatcher components...

Sensio Labs Symfony Security Bypass Vulnerability (CNVD-2018-21473)

Sensio Labs Symfony is a free French Sensio Labs , based on the MVC architecture of the PHP development framework . The framework provides commonly used functional components and tools , can be used to quickly create complex WEB program . A security bypass vulnerability exists in Http Foundation ...

Sensio Labs Symfony Web profiler Cross-Site Scripting Vulnerability

Sensio Labs Symfony is a French company Sensio Labs free , MVC-based PHP development framework , which provides commonly used functional components and tools , can be used to quickly create complex Web programs . Web profiler is one of the Symfony configuration management components . A cross-sit...

Symfony Open Redirect Vulnerability

Sensio Labs Symfony is a free French Sensio Labs , based on the MVC architecture of the PHP development framework , it provides commonly used functional components and tools , can be used to quickly create complex WEB program . security handlers is one of the security handlers . An open redirect...

DEBIAN-CVE-2018-12040

Reflected Cross-site scripting XSS vulnerability in the web profiler in SensioLabs Symfony 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the "file" parameter, aka an profiler/open?file= URI. NOTE: The vendor states "The XSS ... is in the web profiler, a tool that should...