CVE-2026-3714 OpenCart Incomplete Fix CVE-2024-36694 template.php save special elements used in a template engine

A vulnerability has been found in OpenCart 4.0.2.3. Affected by this issue is the function Save of the file admin/controller/design/template.php of the component Incomplete Fix CVE-2024-36694. Such manipulation leads to improper neutralization of special elements used in a template engine. The...

CVE-2025-15589 MuYuCMS Template Management Template.php delete_dir_file path traversal

A vulnerability was determined in MuYuCMS 2.7. Affected is the function deletedirfile of the file application/admin/controller/Template.php of the component Template Management Page. This manipulation of the argument temn/tp causes path traversal. It is possible to initiate the attack remotely. T...

EUVD-2017-3197

Malware in sbrugna...

EUVD-2008-6082

Malware in sbrugna...

EUVD-2006-6743

Malware in sbrugna...

EUVD-2017-3199

Malware in sbrugna...

EUVD-2006-0655

Malware in sbrugna...

EUVD-2022-5869

Malicious code in bioql PyPI...

EUVD-2023-34692

Malicious code in bioql PyPI...

CVE-2023-0783

A vulnerability was found in EcShop 4.1.5. It has been classified as critical. This affects an unknown part of the file /ecshop/admin/template.php of the component PHP File Handler. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been...

CVE-2023-37049

emlog 2.1.9 is vulnerable to Arbitrary file deletion via admin\template.php...

Arbitrary file deletion

emlog 2.1.9 is vulnerable to Arbitrary file deletion via admin\template.php...

CVE-2023-37049

CVE-2023-37049 affects emlog 2.1.9, where an Arbitrary file deletion vulnerability exists via the admin/template.php endpoint. The connected sources confirm the affected software and the underlying issue (unauthorized deletion of files through a web-accessible admin path). No concrete exploit det...

CVE-2023-37049

emlog 2.1.9 is vulnerable to Arbitrary file deletion via admin\template.php...

CVE-2023-30264

CLTPHP =6.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via application/admin/controller/Template.php:update...

Unrestricted file upload

CLTPHP =6.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via application/admin/controller/Template.php:update...

CVE-2023-30269

CLTPHP =6.0 is vulnerable to Improper Input Validation via application/admin/controller/Template.php...

CVE-2023-30269

CLTPHP =6.0 is vulnerable to Improper Input Validation via application/admin/controller/Template.php...

Twig remote code execution in templates

The displayBlock function Template.php in Sensio Labs Twig before 1.20.0, when Sandbox mode is enabled, allows remote attackers to execute arbitrary code via the self variable in a template...

Sandbox bypass in fenom

In fenom 2.12.1 and before, there is a way in fenom/src/Fenom/Template.php function getTemplateCodeto bypass sandbox to execute arbitrary PHP code when disablenativefuncs is true...