CVE-2023-4450 jeecgboot JimuReport Template injection
A vulnerability was found in jeecgboot JimuReport up to 1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Template Handler. The manipulation leads to injection. The attack can be launched remotely. The exploit has been disclosed t...
PT-2023-29265 · Unknown · Jeecgboot Jimureport
Name of the Vulnerable Software and Affected Versions: jeecgboot JimuReport versions up to 1.6.0 Description: A critical issue was found in the Template Handler component, allowing for remote injection attacks. The exploit has been disclosed publicly. Recommendations: For jeecgboot JimuReport...
CVE-2023-3085
A vulnerability, which was classified as problematic, has been found in X-WRT luci up to 22.10b202303061504. This issue affects the function runaction of the file modules/luci-base/ucode/dispatcher.uc of the component 404 Error Template Handler. The manipulation of the argument requestpath leads ...
Cross site scripting
A vulnerability, which was classified as problematic, has been found in X-WRT luci up to 22.10b202303061504. This issue affects the function runaction of the file modules/luci-base/ucode/dispatcher.uc of the component 404 Error Template Handler. The manipulation of the argument requestpath leads ...
SUSE CVE-2002-1700
Cross-site scripting (XSS) vulnerability in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message...
UBUNTU-CVE-2022-4729
A vulnerability was found in Graphite Web and classified as problematic. This issue affects some unknown processing of the component Template Name Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be...
GHSA-287Q-JFCP-9VHV django-photologue vulnerable to Cross-site Scripting
A vulnerability was found in django-photologue up to 3.15.1 and classified as problematic. Affected by this issue is some unknown functionality of the file photologue/templates/photologue/photo_detail.html of the component Default Template Handler. The manipulation of the argument object.caption...
django-photologue vulnerable to Cross-site Scripting
A vulnerability was found in django-photologue up to 3.15.1 and classified as problematic. Affected by this issue is some unknown functionality of the file photologue/templates/photologue/photo_detail.html of the component Default Template Handler. The manipulation of the argument object.caption...
PYSEC-2022-43061
A vulnerability was found in django-photologue up to 3.15.1 and classified as problematic. Affected by this issue is some unknown functionality of the file photologue/templates/photologue/photo_detail.html of the component Default Template Handler. The manipulation of the argument object.caption...
CVE-2022-4526 django-photologue Default Template photo_detail.html cross site scripting
A vulnerability was found in django-photologue up to 3.15.1 and classified as problematic. Affected by this issue is some unknown functionality of the file photologue/templates/photologue/photo_detail.html of the component Default Template Handler. The manipulation of the argument object.caption...
Django-photologue Cross-Site Scripting Vulnerability
Django-photologue is a powerful image management and gallery application for the Django web framework by Richard Barran, an individual developer. A security vulnerability exists in Django-photologue versions prior to 3.15.1, which stems from some unknown functionality in the Default Template...
PT-2022-27451 · Unknown · Django-Photologue
Name of the Vulnerable Software and Affected Versions: django-photologue versions up to 3.15.1 Description: A vulnerability was found in the Default Template Handler component, specifically in the file photologue/templates/photologue/photo_detail.html. The manipulation of the object.caption...
CVE-2022-4526
The CVE-2022-4526 issue affects django-photologue versions up to 3.15.1. Affected code in photologue/templates/photologue/photo_detail.html, within the Default Template Handler, allows manipulation of the caption parameter (object.caption) to trigger cross-site scripting (XSS). The vulnerability ...
CVE-2022-4300
A vulnerability was found in FastCMS. It has been rated as critical. This issue affects some unknown processing of the file /template/edit of the component Template Handler. The manipulation leads to injection. The attack may be initiated remotely. The exploit has been disclosed to the public and...
Design/Logic Flaw
A vulnerability was found in FastCMS. It has been rated as critical. This issue affects some unknown processing of the file /template/edit of the component Template Handler. The manipulation leads to injection. The attack may be initiated remotely. The exploit has been disclosed to the public and...
PT-2022-26701 · Fastcms · Fastcms
Name of the Vulnerable Software and Affected Versions: FastCMS affected versions not specified Description: A critical issue affects the Template Handler component, specifically the /template/edit file, leading to injection when manipulated. This issue can be initiated remotely. Recommendations: ...
CVE-2022-4300 FastCMS Template edit injection
A vulnerability was found in FastCMS. It has been rated as critical. This issue affects some unknown processing of the file /template/edit of the component Template Handler. The manipulation leads to injection. The attack may be initiated remotely. The exploit has been disclosed to the public and...
CVE-2022-3966
A vulnerability, which was classified as critical, has been found in Ultimate Member Plugin up to 2.5.0. This issue affects the function loadtemplate of the file includes/core/class-shortcodes.php of the component Template Handler. The manipulation of the argument tpl leads to pathname traversal...