20 matches found
linux-security-tools
Linux Security Tools Linux security tools, scanners, crackers...
EUVD-2022-32160
Malicious code in bioql PyPI...
EUVD-2023-50982
Malicious code in bioql PyPI...
CVE-2025-54872
onion-site-template is a complete, scalable tor hidden service self-hosting sample. Versions which include commit 3196bd89 contain a baked-in tor image if the secrets were copied from an existing onion domain. A website could be compromised if a user shared the baked-in image, or if someone were...
CVE-2025-54872
onion-site-template is a complete, scalable tor hidden service self-hosting sample. Versions which include commit 3196bd89 contain a baked-in tor image if the secrets were copied from an existing onion domain. A website could be compromised if a user shared the baked-in image, or if someone were...
Onion Site Template 信任管理问题漏洞
Onion Site Template is a self-hosted example from Vessel9817 Individual Developer. Onion Site Template suffers from a trust management issue vulnerability that stems from the inclusion of a fixed tor mirror, which could lead to a compromised website...
CVE-2025-54872 onion-site-template tor Secrets Baked Into Image
onion-site-template is a complete, scalable tor hidden service self-hosting sample. Versions which include commit 3196bd89 contain a baked-in tor image if the secrets were copied from an existing onion domain. A website could be compromised if a user shared the baked-in image, or if someone were...
CVE-2025-54872 onion-site-template tor Secrets Baked Into Image
onion-site-template is a complete, scalable tor hidden service self-hosting sample. Versions which include commit 3196bd89 contain a baked-in tor image if the secrets were copied from an existing onion domain. A website could be compromised if a user shared the baked-in image, or if someone were...
PT-2025-32004 · Unknown · Onion-Site-Template
Name of the Vulnerable Software and Affected Versions: onion-site-template versions including commit 3196bd89 Description: onion-site-template, a complete and scalable Tor hidden service self-hosting sample, contains a baked-in Tor image when secrets are copied from an existing onion domain. A...
CVE-2023-46816
An issue was discovered in SugarCRM 12 before 12.0.4 and 13 before 13.0.2. A Server Site Template Injection SSTI vulnerability has been identified in the GecControl action. By using a crafted request, custom PHP code can be injected via the GetControl action because of missing input validation. A...
K24248011: Traffix SDC Configuration utility vulnerability CVE-2022-27662
Security Advisory Description A stored Cross-Site Template Injection vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute template language-specific instructions in the context of the server. CVE-2022-27662 Impact If successful, a...
PT-2022-04: Cross Site Template Injection (CSTI)
Input validation was missing while creating the working set, in working set manager application. Nokia NetAct users can create a Working Set with a name that injects a client-side template Injection payloads. The attack can only be performed by an internal user. The vulnerability is fixed in NetA...
MAL-2022-6133 Malicious code in site-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e075d427082f3f44192d5a74dbea3f7c29af746eb9fdea5c30808e8c2b7a8bda Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in site-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e075d427082f3f44192d5a74dbea3f7c29af746eb9fdea5c30808e8c2b7a8bda Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
F5 Traffix SDC Cross-Site Template Injection Vulnerability
F5 Traffix Signaling Delivery Controller F5 Traffix SDC is a signaling delivery controller from F5 USA, Inc. F5 Traffix SDC is vulnerable to cross-site template injection, which can be exploited by attackers to execute language-specific commands in the template server context...
CVE-2022-27662
On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Template Injection vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute template language-specific instructions in the context...
CVE-2022-27662
On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Template Injection vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute template language-specific instructions in the context...
CVE-2022-27662
CVE-2022-27662 affects F5 Traffix SDC: stored Cross-Site Template Injection in the Traffix SDC Configuration utility. Affected versions are 5.2.x prior to 5.2.2 and 5.1.x prior to 5.1.35. The underlying issue enables an attacker to execute template language-specific instructions in the server con...
F5 Traffix SDC 安全漏洞
F5 Traffix Signaling Delivery Controller F5 Traffix SDC is a signaling delivery controller from F5 USA, Inc. F5 Traffix SDC is vulnerable to cross-site template injection, which can be exploited by attackers to execute language-specific commands in the template server context...
CVE-2022-27662
On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Template Injection vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute template language-specific instructions in the context...