14 matches found
RiteCMS Code Execution Vulnerability
RiteCMS is an open source content management system based on PHP and SQLite. RiteCMS has a code execution vulnerability that stems from a flaw in the parse_special_tags function, which can be exploited by an attacker to cause remote code execution...
CVE-2025-67172
RiteCMS v3.1.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the parse_special_tags function...
CVE-2025-67172
RiteCMS v3.1.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the parse_special_tags function...
CVE-2025-67172
RiteCMS v3.1.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the parse_special_tags function...
PT-2025-51851
RiteCMS v3.1.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the parse_special_tags function...
RiteCMS Security Vulnerability
RiteCMS is an open source content management system based on PHP and SQLite. RiteCMS has a code execution vulnerability that stems from a flaw in the parse_special_tags function, which can be exploited by an attacker to cause remote code execution...
CVE-2025-67172
RiteCMS CVE-2025-67172 affects RiteCMS v3.1.0 and stems from a flaw in the parse_special_tags function, enabling authenticated remote code execution. The vulnerability is documented across multiple sources (NVD, RH, CNVD, OSV, EUVD, CNNVD, CVE lists) with CVSS v3.1 base score 7.2 (HIGH), Attack V...
Improper handling of special tags within script contexts in html/template
...
lxml_html_clean Security Vulnerability
lxml_html_clean is a separate open source project from the Fedora Python SIG that provides the HTML cleanup functions copied from lxml.html.clean. A security vulnerability exists in versions of lxml_html_clean prior to 0.4.0, which stems from improper handling of special tags and is vulnerable to cross-site scripting...
openSUSE: Security Advisory for go1.20 (SUSE-SU-2023:3700-1)
The remote host is missing an update for the...
Moderate: Red Hat Security Advisory: skopeo security update
An update for skopeo is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
SUSE-SU-2023:3701-1 Security update for go1.21
This update for go1.21 fixes the following issues: Update to go1.21.1 bsc1212475. - CVE-2023-39318: Fixed improper handling of HTML-like comments within script contexts in html/template bsc1215084. - CVE-2023-39319: Fixed improper handling of special tags within script contexts in html/template...
SUSE-SU-2023:3700-1 Security update for go1.20
This update for go1.20 fixes the following issues: Update to go1.20.8 bsc1206346. - CVE-2023-39318: Fixed improper handling of HTML-like comments within script contexts in html/template bsc1215084. - CVE-2023-39319: Fixed improper handling of special tags within script contexts in html/template...
GO-2023-2043 Improper handling of special tags within script contexts in html/template
The html/template package does not apply the proper rules for handling occurrences of " contexts. This may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped. This could be leveraged to perform an XSS attack...