Lucene search
K

27 matches found

ATTACKERKB
ATTACKERKB
added 2021/05/04 8:32 a.m.4 views

CVE-2021-23383

The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source...

9.8CVSS5.3AI score0.04506EPSS
Exploits1References7
Snyk
Snyk
added 2021/01/08 5:8 p.m.6 views

Remote Code Execution (RCE)

Overview handlebars is an extension to the Mustache templating language. Affected versions of this package are vulnerable to Remote Code Execution RCE when selecting certain compiling options to compile templates coming from an untrusted source. POC // compile the template var s = with lookupGett...

9.8CVSS9AI score0.07028EPSS
Exploits2References2
Snyk
Snyk
added 2021/01/08 8:30 a.m.6 views

Prototype Pollution

Overview handlebars is an extension to the Mustache templating language. Affected versions of this package are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source. POC // compile the template var s2 = 'a/." ||...

9.8CVSS8.2AI score0.04506EPSS
Exploits1References2
Prion
Prion
added 2020/03/15 6:15 p.m.11 views

Design/Logic Flaw

The dot package v1.1.2 uses Function to compile templates. This can be exploited by the attacker if they can control the given template or if they can control the value set on Object.prototype...

6.5CVSS8.6AI score0.02138EPSS
Exploits1References1Affected Software1
Github Security Blog
Github Security Blog
added 2019/06/05 9:24 p.m.37 views

Command Injection in dot

All versions of dot are vulnerable to Command Injection. The template compilation may execute arbitrary commands if an attacker can inject code in the template or if a Prototype Pollution-like vulnerability can be exploited to alter an Object's prototype...

6.2AI score
Exploits0References3Affected Software1
seebug.org
seebug.org
added 2014/07/29 12:0 a.m.27 views

一步步击溃PHPYUN(另类方法绕过防注入)

简要描述: 由某处SQL注入引起,最终通过组合漏洞击溃PHPYUN 详细说明: 测试版本:PHPYUN 3.1 GBK beta 20140728 PHPYUN使用了两套waf,一套自己写的,一套360的,从第一套开始。 \data\db.safety.php: quotesGPC; // 效果:addslashes if$config'syistemplate'!='1' || md5md5$config'sysafekey'.$GET'm'!=$POST'safekey' foreach$POST as $id=$v safesql$id,$v,"POST",$config; $id...

7.9AI score
Exploits0
securityvulns
securityvulns
added 2014/02/10 12:0 a.m.48 views

perl Locale::Maketext code execution

It's possible to call external functions on template compilation...

7.5CVSS2.5AI score0.61604EPSS
Exploits13References1Affected Software1
Rows per page
Query Builder