Lucene search
K

1042 matches found

GithubExploit
GithubExploit
added 2026/05/27 8:6 a.m.103 views

web-vulnerabilities-labs

Web Vulnerabilities Labs Notes techniques issues de labs web...

5.9AI score
Exploits0
CVE
CVE
added 2026/05/26 8:46 p.m.28 views

CVE-2026-44209

Banks prompt templating (banks) is vulnerable prior to version 2.4.2 due to an unsandboxed jinja2.Environment() when rendering prompt templates. If applications pass user-supplied strings as the template argument to Prompt(), this SSTI can lead to Remote Code Execution on the host. The issue is f...

7.5CVSS5.9AI score0.00539EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/26 8:46 p.m.17 views

EUVD-2026-31997

Banks generates meaningful LLM prompts using a template language that makes sense. Prior to 2.4.2, banks uses jinja2.Environment unsandboxed to render prompt templates. Applications that pass user-supplied strings as the template argument to Prompt are vulnerable to Server-Side Template Injection...

7.5CVSS5.9AI score0.00539EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/19 3:31 p.m.10 views

GlassFish's gadget handler is vulnerable to RCE

A critical Remote Code Execution RCE vulnerability was identified in the server-side template rendering mechanism used by the Glassfish gadget handler. The application processes .xml files and evaluates user-supplied values within a context where Expression Language EL “expressions” are processed...

9.6CVSS6AI score0.00628EPSS
Exploits2References4Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/05/19 2:3 p.m.8 views

CVE-2026-2587

A critical Remote Code Execution RCE vulnerability was identified in the server-side template rendering mechanism used by the Glassfish gadget handler. The application processes .xml files and evaluates user-supplied values within a context where Expression Language EL “expressions” are processed...

9.6CVSS6.2AI score0.00628EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2026/05/19 9:24 a.m.43 views

CVE-2026-31380 Apache OFBiz: FreeMarker SSTI via Duplicate Parameter Sanitization Bypass

Improper Neutralization of Special Elements used in an Expression Language Statement 'Expression Language Injection' vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...

0.00487EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/19 9:18 a.m.8 views

CVE-2026-29207 Apache OFBiz: Low-Privilege SSTI Leading to RCE in the Content Component

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue. Please note that in the updated version, "Data Resource" records with...

5.7AI score0.00541EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/19 9:18 a.m.50 views

CVE-2026-29207 Apache OFBiz: Low-Privilege SSTI Leading to RCE in the Content Component

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue. Please note that in the updated version, "Data Resource" records with...

0.00541EPSS
Exploits0References1
Broadcom
Broadcom
added 2026/05/19 12:0 a.m.13 views

Flask-Reuploaded vulnerable to Remote Code Execution via Server-Side Template Injection (CVE-2026-27641)

Flask-Reuploaded provides file uploads for Flask. A critical path traversal and extension bypass vulnerability in versions prior to 1.5.0 allows remote attackers to achieve arbitrary file write and remote code execution through Server-Side Template Injection SSTI. Flask-Reuploaded has been patche...

9.8CVSS6.5AI score0.01046EPSS
Exploits1
OSV
OSV
added 2026/05/18 5:23 p.m.6 views

GHSA-X7M9-MWC2-G6W2 Formie: Pre-authenticated server-side template injection in Hidden fields

Impact - Unauthenticated users could submit crafted values into Hidden fields with Default value → Custom that were evaluated as Twig during submission handling, which could lead to serious compromise of the Craft site depending on template/sandbox behavior. - Sites with public Formie forms that...

9.8CVSS5.7AI score0.00475EPSS
Exploits0References6
Packet Storm
Packet Storm
added 2026/05/14 12:0 a.m.65 views

📄 WordPress Supsystic Contact Form 1.7.36 Server-Side Template Injection

Proof of concept code execution exploit for a server-side template injection vulnerability in WordPress Supsystic Contact Form plugin versions 1.7.36 and below Exploit Title: WordPress Plugin Supsystic Contact Form 1.7.36 - SSTI Date: 3/30/2026 Exploit Author: bootstrapbool Vendor Homepage:...

9.8CVSS6.2AI score0.41475EPSS
Exploits9
Cvelist
Cvelist
added 2026/05/13 8:36 p.m.32 views

CVE-2026-44377 CubeCart: Server-Side Template Injection (SSTI) in Smarty Templates leading to RCE

CubeCart is an ecommerce software solution. Prior to 6.7.0, an Authenticated Server-Side Template Injection SSTI vulnerability exists in multiple modules of CubeCart including Email Templates and Documents. The application unsafely evaluates user-supplied input directly through the Smarty templat...

9.1CVSS0.00735EPSS
Exploits0References2
CVE
CVE
added 2026/05/13 8:36 p.m.15 views

CVE-2026-44377

CVE-2026-44377 affects CubeCart before version 6.7.0. It describes an authenticated SSTI in multiple modules (including Email Templates and Documents) where user-supplied input is unsafely evaluated by the Smarty template engine. An authenticated administrator can bypass restrictions and invoke n...

9.1CVSS5.9AI score0.00735EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/13 2:21 p.m.29 views

CVE-2026-44129

SEPPmail Secure Email Gateway before version 15.0.4 contains a server-side template injection vulnerability in the new GINA UI because an endpoint accepts attacker-controlled template, allowing remote attackers to execute arbitrary template expressions and potentially achieve remote code executio...

8.3CVSS6.7AI score0.00535EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 11:16 p.m.34 views

CVE-2026-41901

Thymeleaf is a server-side Java template engine for web and standalone environments. Prior to 3.1.5.RELEASE, a security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf. Although the library provides mechanisms to avoid the execution of potentially dangerous...

9CVSS0.00427EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 10:35 p.m.54 views

CVE-2026-41901 Thymeleaf: Improper recognition of unauthorized syntax patterns in sandboxed Thymeleaf expressions

Thymeleaf is a server-side Java template engine for web and standalone environments. Prior to 3.1.5.RELEASE, a security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf. Although the library provides mechanisms to avoid the execution of potentially dangerous...

9CVSS0.00427EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2026/05/11 12:0 a.m.116 views

📄 Contact Form by Supsystic 1.7.36 Server-Side Template Injection

Contact Form by Supsystic versions 1.7.36 and below server-side template injection exploit that achieves remote code execution. import requests import argparse import re import urllib.parse def checksstiurl, fieldname: printf" Testing SSTI on url with field fieldname..." Simple arithmetic test...

9.8CVSS6.1AI score0.41475EPSS
Exploits9
NVD
NVD
added 2026/05/08 2:16 p.m.17 views

CVE-2026-44129

SEPPmail Secure Email Gateway before version 15.0.4 contains a server-side template injection vulnerability in the new GINA UI because an endpoint accepts attacker-controlled template, allowing remote attackers to execute arbitrary template expressions and potentially achieve remote code executio...

8.3CVSS0.00535EPSS
Exploits0References2
CVE
CVE
added 2026/05/08 1:14 p.m.27 views

CVE-2026-44129

CVE-2026-44129 affects SEPPmail Secure Email Gateway prior to version 15.0.4, where a server-side template injection exists in the new GINA UI. An endpoint accepts attacker-controlled templates, enabling remote attackers to execute arbitrary template expressions and potentially achieve remote cod...

8.3CVSS6.7AI score0.00535EPSS
Exploits0References2
NVD
NVD
added 2026/05/08 6:16 a.m.21 views

CVE-2024-46507

A SSTI server side template injection vulnerability in the custom template export function in yeti-platform yeti before 2.1.12 allows attackers to execute code on the application server...

7.3CVSS0.03919EPSS
Exploits2References1
Rows per page
Query Builder