163 matches found

CVE
added 2026/03/08 9:2 a.m. | 22 views

CVE-2026-3725

CVE-2026-3725 affects 1024-lab/lab1024 SmartAdmin up to version 3.29. The issue resides in the FreeMarker Template Handler, specifically the function freemarkerResolverContent in MailService.java. Manipulating the argument template_content can lead to improper neutralization of special elements u...

CVSS: 8.8 | AI score: 5.4 | EPSS: 0.00398
Exploits: 1 | References: 4 | Affected Software: 1

RedhatCVE
added 2026/02/23 7:35 p.m. | 5 views

CVE-2026-2953

A vulnerability has been found in Dromara UJCMS 101.2. This issue affects the function deleteDirectory of the file WebFileTemplateController.delete of the component Template Handler. Such manipulation leads to path traversal. The attack may be performed from remote. The exploit has been disclosed...

CVSS: 9.1 | AI score: 5.2 | EPSS: 0.0076
Exploits: 1 | References: 1

OSV
added 2026/02/23 6:30 a.m. | 2 views

GHSA-Q5XX-FXV3-XXQF datapizza-ai: Server-Side Template Injection in ChatPromptTemplate via Jinja2 Template Handler

A flaw has been found in datapizza-labs datapizza-ai 0.0.2. Affected is the function ChatPromptTemplate of the file datapizza-ai-core/datapizza/modules/prompt/prompt.py of the component Jinja2 Template Handler. This manipulation of the argument Prompt causes improper neutralization of special...

CVSS: 5.1 | AI score: 5.1 | EPSS: 0.00686
Exploits: 2 | References: 6

Github Security Blog
added 2026/02/23 6:30 a.m. | 4 views

datapizza-ai: Server-Side Template Injection in ChatPromptTemplate via Jinja2 Template Handler

A flaw has been found in datapizza-labs datapizza-ai 0.0.2. Affected is the function ChatPromptTemplate of the file datapizza-ai-core/datapizza/modules/prompt/prompt.py of the component Jinja2 Template Handler. This manipulation of the argument Prompt causes improper neutralization of special...

CVSS: 7.2 | AI score: 5 | EPSS: 0.00686
Exploits: 2 | References: 6 | Affected Software: 1

Vulnrichment
added 2026/02/23 3:32 a.m. | 2 views

CVE-2026-2969 datapizza-labs datapizza-ai Jinja2 Template prompt.py ChatPromptTemplate special elements used in a template engine

A flaw has been found in datapizza-labs datapizza-ai 0.0.2. Affected is the function ChatPromptTemplate of the file datapizza-ai-core/datapizza/modules/prompt/prompt.py of the component Jinja2 Template Handler. This manipulation of the argument Prompt causes improper neutralization of special...

CVSS: 5.8 | AI score: 4.7 | EPSS: 0.00686
Exploits: 2 | References: 5

CVE
added 2026/02/23 3:32 a.m. | 14 views

CVE-2026-2969

CVE-2026-2969 affects datapizza-labs datapizza-ai 0.0.2, specifically the Jinja2 Template Handler’s ChatPromptTemplate in datapizza-ai-core/datapizza/modules/prompt/prompt.py. The vulnerability arises from manipulation of the Prompt argument that leads to improper neutralization of special elemen...

CVSS: 7.2 | AI score: 4.8 | EPSS: 0.00686
Exploits: 2 | References: 5 | Affected Software: 1

CNNVD
added 2026/02/23 12:0 a.m. | 4 views

Datapizza AI Security Vulnerability

Datapizza AI is an open-source development framework for intelligent agents by Datapizza. Version 0.0.2 of Datapizza AI contains a security vulnerability. This vulnerability stems from incorrect handling of the Prompt parameter in the function ChatPromptTemplate of the Jinja2 Template Handler...

CVSS: 7.2 | AI score: 5.8 | EPSS: 0.00686
Exploits: 2 | References: 5

NVD
added 2026/02/22 2:16 p.m. | 7 views

CVE-2026-2953

A vulnerability has been found in Dromara UJCMS 101.2. This issue affects the function deleteDirectory of the file WebFileTemplateController.delete of the component Template Handler. Such manipulation leads to path traversal. The attack may be performed from remote. The exploit has been disclosed...

CVSS: 9.1 | EPSS: 0.0076
Exploits: 1 | References: 4

Cvelist
added 2026/02/22 2:2 p.m. | 27 views

CVE-2026-2953 Dromara UJCMS Template WebFileTemplateController.delete deleteDirectory path traversal

A vulnerability has been found in Dromara UJCMS 101.2. This issue affects the function deleteDirectory of the file WebFileTemplateController.delete of the component Template Handler. Such manipulation leads to path traversal. The attack may be performed from remote. The exploit has been disclosed...

CVSS: 5.5 | EPSS: 0.0076
Exploits: 1 | References: 4

CVE
added 2026/02/22 2:2 p.m. | 10 views

CVE-2026-2953

Summary: CVE-2026-2953 affects Dromara UJCMS 101.2, specifically the path traversal in the deleteDirectory function of WebFileTemplateController.delete within the Template Handler. Documents describe remote exploitation with publicly disclosed exploits. Root cause is manipulation of deleteDirecto...

CVSS: 9.1 | AI score: 5.3 | EPSS: 0.0076
Exploits: 1 | References: 4 | Affected Software: 1

ATTACKERKB
added 2026/02/22 2:2 p.m. | 3 views

CVE-2026-2953

A vulnerability has been found in Dromara UJCMS 101.2. This issue affects the function deleteDirectory of the file WebFileTemplateController.delete of the component Template Handler. Such manipulation leads to path traversal. The attack may be performed from remote. The exploit has been disclosed...

CVSS: 5.5 | AI score: 5.3 | EPSS: 0.0076
Exploits: 1 | References: 4 | Affected Software: 1

Vulnrichment
added 2026/02/22 2:2 p.m. | 3 views

CVE-2026-2953 Dromara UJCMS Template WebFileTemplateController.delete deleteDirectory path traversal

A vulnerability has been found in Dromara UJCMS 101.2. This issue affects the function deleteDirectory of the file WebFileTemplateController.delete of the component Template Handler. Such manipulation leads to path traversal. The attack may be performed from remote. The exploit has been disclosed...

CVSS: 5.5 | AI score: 5 | EPSS: 0.0076
Exploits: 1 | References: 4

Positive Technologies
added 2026/02/22 12:0 a.m. | 2 views

PT-2026-21452

Name of the Vulnerable Software and Affected Versions: Dromara UJCMS version 101.2
Description: A path traversal issue exists in Dromara UJCMS version 101.2. This is due to manipulation of the deleteDirectory function within the WebFileTemplateController.delete file of the Template Handler componen...

CVSS: 5.5 | AI score: 5.5 | EPSS: 0.0076
Exploits: 1 | References: 6

RedhatCVE
added 2026/02/05 1:23 a.m. | 5 views

CVE-2026-1813

A vulnerability was found in bolo-blog bolo-solo up to 2.6.4. Affected is an unknown function of the file src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java of the component FreeMarker Template Handler. The manipulation of the argument File results in unrestricted upload. It is possibl...

CVSS: 9.8 | AI score: 6.1 | EPSS: 0.00333
Exploits: 1 | References: 1

NVD
added 2026/02/04 12:16 a.m. | 6 views

CVE-2026-1813

A vulnerability was found in bolo-blog bolo-solo up to 2.6.4. Affected is an unknown function of the file src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java of the component FreeMarker Template Handler. The manipulation of the argument File results in unrestricted upload. It is possibl...

CVSS: 9.8 | EPSS: 0.00333
Exploits: 1 | References: 5

OSV
added 2026/02/04 12:16 a.m. | 3 views

CVE-2026-1813

A vulnerability was found in bolo-blog bolo-solo up to 2.6.4. Affected is an unknown function of the file src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java of the component FreeMarker Template Handler. The manipulation of the argument File results in unrestricted upload. It is possibl...

CVSS: 9.8 | AI score: 5.4
Exploits: 0 | References: 5

CNNVD
added 2026/02/04 12:0 a.m. | 4 views

bolo-solo Code Issue Vulnerability

Bolo-Solo is a blog system developed under the open source Bolo-Blog project. Versions of Bolo-Solo 2.6.4 and earlier contained code vulnerabilities. These vulnerabilities stemmed from improper handling of parameters by the FreeMarker Template Handler component in the file...

CVSS: 9.8 | AI score: 6.7 | EPSS: 0.00333
Exploits: 1 | References: 5

ATTACKERKB
added 2026/02/03 11:32 p.m. | 2 views

CVE-2026-1813

A vulnerability was found in bolo-blog bolo-solo up to 2.6.4. Affected is an unknown function of the file src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java of the component FreeMarker Template Handler. The manipulation of the argument File results in unrestricted upload. It is possibl...

CVSS: 6.5 | AI score: 6.2 | EPSS: 0.00333
Exploits: 1 | References: 5 | Affected Software: 1

Vulnrichment
added 2026/02/03 11:32 p.m. | 4 views

CVE-2026-1813 bolo-blog bolo-solo FreeMarker Template PicUploadProcessor.java unrestricted upload

A vulnerability was found in bolo-blog bolo-solo up to 2.6.4. Affected is an unknown function of the file src/main/java/org/b3log/solo/bolo/pic/PicUploadProcessor.java of the component FreeMarker Template Handler. The manipulation of the argument File results in unrestricted upload. It is possibl...

CVSS: 6.5 | AI score: 5.1 | EPSS: 0.00333
Exploits: 1 | References: 5

RedhatCVE
added 2026/01/07 9:17 a.m. | 22 views

CVE-2025-1611

A vulnerability was found in ShopXO up to 6.4.0. It has been classified as problematic. This affects an unknown part of the file app/service/ThemeAdminService.php of the component Template Handler. The manipulation leads to injection. It is possible to initiate the attack remotely. The exploit ha...

CVSS: 5.8 | AI score: 5.1 | EPSS: 0.00527
Exploits: 1 | References: 1