15 matches found

CNVD · added 2025/12/25 12:00 a.m. · 1 view

RiteCMS Improper Access Control Vulnerability

RiteCMS is an open source content management system based on PHP and SQLite. RiteCMS suffers from an improper access control vulnerability that stems from a lack of validity checking of paths in the /templates/ component when processing directory requests, which can be exploited by an attacker to...

CVSS 7.5 · AI score 5.9 · EPSS 0.00447
Exploits 1 · References 1
VulnCheck KEV · added 2025/02/27 12:00 a.m. · 1 view

VulnCheck KEV: CVE-2021-23263

Unauthenticated remote attackers can read textual content via FreeMarker including files /scripts/, /templates/ and some of the files in /.git/ non-binary...

CVSS 7.5 · AI score 5.8 · EPSS 0.00533
Exploits 0 · References 1
NVD · added 2024/03/27 6:15 a.m. · 10 views

CVE-2024-28335

Lektor before 3.3.11 does not sanitize DB path traversal. Thus, shell commands might be executed via a file that is added to the templates directory, if the victim's web browser accesses an untrusted website that uses JavaScript to send requests to localhost port 5000, and the web browser is...

CVSS 9.1 · AI score 6.6 · EPSS 0.00389
Exploits 0 · References 6
OSV · added 2024/03/27 6:15 a.m. · 17 views

PYSEC-2024-49

Lektor before 3.3.11 does not sanitize DB path traversal. Thus, shell commands might be executed via a file that is added to the templates directory, if the victim's web browser accesses an untrusted website that uses JavaScript to send requests to localhost port 5000, and the web browser is...

CVSS 9.1 · AI score 7.2 · EPSS 0.00389
Exploits 0 · References 7
UbuntuCve · added 2024/03/27 6:15 a.m. · 16 views

CVE-2024-28335

Lektor before 3.3.11 does not sanitize DB path traversal. Thus, shell commands might be executed via a file that is added to the templates directory, if the victim's web browser accesses an untrusted website that uses JavaScript to send requests to localhost port 5000, and the web browser is...

CVSS 9.1 · AI score 7.2 · EPSS 0.00389
Exploits 0 · References 7
CVE · added 2024/03/27 12:00 a.m. · 58 views

CVE-2024-28335

CVE-2024-28335 affects Lektor prior to 3.3.11. The issue is an unsanitized DB path traversal that can permit shell commands via a file added to the templates directory when a user’s browser visits an untrusted site that sends requests to localhost:5000, with the browser and the Lektor server runn...

CVSS 9.1 · AI score 6.7 · EPSS 0.00389
Exploits 0 · References 6
Positive Technologies · added 2024/03/26 12:00 a.m. · 15 views

PT-2024-22395 · Lektor · Lektor

Name of the Vulnerable Software and Affected Versions: Lektor versions prior to 3.3.11 Description: The issue concerns the lack of sanitization of database path traversal in Lektor. This allows shell commands to be executed via a file added to the templates directory under specific conditions. Th...

CVSS 9.3 · AI score 7.3 · EPSS 0.00389
Exploits 0 · References 18
RedHat Linux · added 2023/06/23 5:44 p.m. · 13 views

jenkins-2-plugin: email-ext: Missing permission check in Email Extension Plugin

A flaw was found in the Jenkins Email Extension Plugin. Affected versions of the Jenkins Email Extension Plugin could allow a remote, authenticated attacker to obtain sensitive information caused by improper permission validation. By sending a specially crafted request, an attacker can check for...

CVSS 4.3 · AI score 5.7 · EPSS 0.00082
Exploits 0 · References 5
Veracode · added 2023/05/30 8:05 a.m. · 26 views

Improper Validation

Jenkins Email Extension Plugin is vulnerable to Improper Validation. The vulnerability exists due to lack of form validations which allows an attacker to gain read access to the email-templates/ file directory...

CVSS 4.3 · AI score 6.7 · EPSS 0.00082
Exploits 0 · References 2 · Affected Software 2
Gitee · added 2022/04/19 10:48 a.m. · 1 view

nuclei-templates

This repository is a collection of community-curated templates for the nuclei engine to find security vulnerabilities in applications. The templates are stored in the cves/ directory and are used by the nuclei scanner to identify potential vulnerabilities. The repository also contains workflows f...

AI score 7
Exploits 0
BDU FSTEC · added 2022/01/04 12:00 a.m. · 1 view

The vulnerability in the Crafter CMS content management system's /scripts/*, /templates/*, and /.git/* directories allows an attacker to read textual content through FreeMarker.

The vulnerability in the /scripts/, /templates/, and /.git/ directories of the Crafter CMS content management system stems from security misconfiguration. Exploiting this vulnerability allows a remote attacker to read textual content through FreeMarker...

CVSS 7.8 · AI score 7.2 · EPSS 0.00533
Exploits 0 · References 3 · Affected Software 1
0day.today · added 2020/06/04 12:00 a.m. · 130 views

Navigate CMS 2.8.7 - Authenticated Directory Traversal Vulnerability

Exploit for the PHP platform in category web applications. Exploit Title: Navigate CMS 2.8.7 - Authenticated Directory Traversal. Exploit Author: Gus Ralph. Vendor Homepage: https://www.navigatecms.com/en/home. Software Link:...

AI score 0.1 · EPSS 0.00322
Exploits 3
Kitploit · added 2020/03/09 8:00 p.m. · 118 views

Evil SSDP - Spoof SSDP Replies And Create Fake UPnP Devices To Phish For Credentials And NetNTLM Challenge/Response

This tool responds to SSDP multicast discover requests, posing as a generic UPNP device. Your spoofed device will magically appear in Windows Explorer on machines in your local network. Users who are tempted to open the device are shown a configurable phishing page. This page can load a hidden...

AI score 7
Exploits 0 · References 5
seebug.org · added 2006/09/04 12:00 a.m. · 13 views

pHNews <= alpha 1 (templates_dir) Remote Code Execution Exploit

No description provided by source.

AI score 7.1
Exploits 0
Cvelist · added 2006/06/06 8:03 p.m. · 13 views

CVE-2006-2839

Directory traversal vulnerability in PG Problem Editor module PGProblemEditor.pm in WeBWorK Online Homework Delivery System 2.2.0 and earlier allows remote attackers to read and write files outside of the templates directory...

AI score 6.6 · EPSS 0.00808
Exploits 0 · References 6