python-liquid: Absolute paths escape filesystem loader search path
Impact: The built-in FileSystemLoader and CachingFileSystemLoader do not guard against reading files outside their search paths when given an absolute path to resolve. This allows malicious template authors to load and render arbitrary files via the `{% include %}` and `{% render %}` tags. Targeted files...
CVE-2026-35483 text-generation-webui has a Path Traversal in load_template() — .jinja/.yaml/.yml file read without authentication
text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in `load_template` allows reading files with .jinja, .jinja2, .yaml, or .yml extensions from anywhere on the server filesystem. For .jinja files the...
Copier path traversal vulnerability
Copier is an open-source library developed by Copier for rendering project templates. Versions of Copier prior to 9.14.1 contained a path traversal vulnerability. This vulnerability stemmed from the `external_data` function, which allowed templates to load YAML files using path-based operations...
CVE-2026-1846
loading template...
EUVD-2023-12767
Malicious code in bioql PyPI...
CVE-2025-51472
Code Injection in `AgentTemplate.eval_agent_config` in TransformerOptimus SuperAGI 0.0.14 allows remote attackers to execute arbitrary Python code via malicious values in agent template configurations such as the goal, constraints, or instruction field, which are evaluated using eval without validati...
CVE-2023-0749
The Ocean Extra WordPress plugin before 2.1.3 does not ensure that the template to be loaded via a shortcode is actually a template, allowing any authenticated users such as subscriber to retrieve the content of arbitrary posts, such as draft, private or even password protected ones...
Craft CMS 3.9.14 Remote Command Execution
Craft CMS version 3.9.14 proof of concept remote command execution exploit that leverages a vulnerability discovered in 2024. | Title : Craft CMS 3.9.14...
Craft CMS Twig Template Injection RCE via FTP Templates Path
This module exploits a Twig template injection vulnerability in Craft CMS by abusing the `--templatesPath` argument. The vulnerability allows arbitrary template loading via FTP, leading to Remote Code Execution (RCE). Module Options: msf> use exploit/linux/http/craftcms_ftp_template msf...
Fedora 37 : php-twig (2022-c6fe3ebd94)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-c6fe3ebd94 advisory. Version 1.44.7 (2022-09-28): Fix a security issue on filesystem loader (possibility to load a template outside a configured directory). Tenable has extracted the...
CVE-2024-5982
A path traversal vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability arises from unsanitized input handling in multiple features, including user upload, directory creation, and template loading. Specifically, the `load_chat_history` function in...
PYSEC-2024-112
An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to insufficient validation when loading prompt template files. An attacker can read any file that matches specific criteria using an absolute path. The file must not have a .json extension and, except f...
CVE-2024-5982
CVE-2024-5982 affects gaizhenbiao/chuanhuchatgpt. Vulnerabilities stem from unsanitized user input used with directory paths via os.path.join, impacting: load_chat_history (arbitrary file uploads potentially enabling RCE), get_history_names (arbitrary directory creation), and load_template (possi...
PT-2024-7552 · Unknown · Gaizhenbiao/Chuanhuchatgpt
Name of the Vulnerable Software and Affected Versions: gaizhenbiao/chuanhuchatgpt (affected versions not specified). Description: A path traversal vulnerability exists due to unsanitized input handling in multiple features, including user upload, directory creation, and template loading. Specificall...
ChuanhuChatGPT security vulnerability
ChuanhuChatGPT is an application by the individual developer Chuan Hu. It provides a fast and easy-to-use web graphical interface and many additional features for many LLMs such as ChatGPT. A security vulnerability exists in ChuanhuChatGPT version 20240628, which stems from insufficient validatio...
CVE-2023-0159
The Extensive VC Addons for WPBakery page builder WordPress plugin before 1.9.1 does not validate a parameter passed to the PHP extract function when loading templates, allowing an unauthenticated attacker to override the template path to read arbitrary files from the host's file system. This may ...
Path Traversal
twig/twig is vulnerable to path traversal. The vulnerability exists in the findTemplate function of FilesystemLoader.php because the template loading directories are not properly constrained, which allows an attacker to load templates outside the configured directory...
USN-2618-1 python-dbusmock vulnerability
It was discovered that python-dbusmock incorrectly handled template loading from shared directories. A local attacker could possibly use this issue to execute arbitrary code...