465 matches found
CVE-2017-1000453
CMS Made Simple version 2.1.6 and 2.2 are vulnerable to Smarty templating injection in some core modules, resulting in unauthenticated PHP code execution...
TYPO3 Formhandler 2.4.0 Cross Site Scripting
Advisory: Cross-Site Scripting in TYPO3 Formhandler Extension RedTeam Pentesting discovered a cross-site scripting vulnerability XSS in the TYPO3 extension Formhandler. Details ======= Product: TYPO3 Formhandler Affected Versions: 2.4.0 and probably earlier Fixed Versions: none, project no longer...
Keybase: Persistent XSS on keybase.io via "payload" field in `/user/sigchain_signature.toffee` template
Issue Keybase allows you to see other users' sigchains by navigating to /sigchain. The "Payload" field containing JSON related to the chainlink on the right side of the page is not correctly escaped during templating, leading to a persistent XSS as users have a high degree of control over the...
Important: Red Hat Security Advisory: ansible security update
An update for ansible is now available for Red Hat Storage Console 2 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
ansible: Security issue with lookup return not tainting the jinja2 environment
An input validation flaw was found in Ansible, where it fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the...
ansible: Security issue with lookup return not tainting the jinja2 environment
An input validation flaw was found in Ansible, where it fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the...
PT-2017-3949
Name of the Vulnerable Software and Affected Versions Ansible versions 2.3.1.0 and 2.4.0.0 and earlier Description The issue is related to insufficient input validation in Ansible. An attacker could exploit this by controlling the results of lookup calls, injecting Unicode strings to be parsed by...
SUSE-SU-2016:2143-1 Security update for several openstack-components
This update provides the latest code from OpenStack Liberty for openstack-ceilometer, -cinder, -dashboard, -glance, -heat, -keystone, -manila, -neutron, -neutron-fwaas, -neutron-lbaas,-nova, -resource-agents, python-networking-cisco and python-openstackclient. Additionally some security-issues ha...
tplmap - Automatic Server-Side Template Injection Detection and Exploitation Tool
Tplmap short for Template Mapper is a tool that automate the process of detecting and exploiting Server-Side Template Injection vulnerabilities SSTI. This can be used by developers, penetration testers, and security researchers to detect and exploit vulnerabilities related to the template injecti...
[SECURITY] Fedora 22 Update: nodejs-handlebars-4.0.5-1.fc22
Handlebars.js is an extension to the Mustache templating language created by Chris Wanstrath. Handlebars.js and Mustache are both logicless templating languages that keep the view and the code separated like we all know they s hould be...
[SECURITY] Fedora 23 Update: nodejs-handlebars-4.0.5-1.fc23
Handlebars.js is an extension to the Mustache templating language created by Chris Wanstrath. Handlebars.js and Mustache are both logicless templating languages that keep the view and the code separated like we all know they s hould be...
Debian DSA-3343-1 : twig - security update
James Kettle, Alain Tiemblo, Christophe Coevoet and Fabien Potencier discovered that twig, a templating engine for PHP, did not correctly process its input. End users allowed to submit twig templates could use specially crafted code to trigger remote code execution, even in sandboxed templates...
SOL16794 - CUPS vulnerabilities CVE-2015-1158 / CVE-2015-1159
CVE-2015-1158 A string reference count bug was found in cupsd, causing premature freeing of string objects. An attacker can submit a malicious print job that exploits this flaw to dismantle ACLs protecting privileged operations, allowing a replacement configuration file to be uploaded, which in...
cups security update
CentOS Errata and Security Advisory CESA-2015:1123 Updated cups packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base...
cups: cross-site scripting flaw in CUPS web UI (VU#810572)
A cross-site scripting flaw was found in the cups web templating engine. An attacker could use this flaw to bypass the default configuration settings that bind the CUPS scheduler to the 'localhost' or loopback interface...
USN-2629-1 cups vulnerabilities
It was discovered that CUPS incorrectly handled reference counting when handling localized strings. A remote attacker could use this issue to escalate permissions, upload a replacement CUPS configuration file, and execute arbitrary code. CVE-2015-1158 It was discovered that the CUPS templating...
CSWorks Software Framework SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CSWorks. Authentication is not required to exploit this vulnerability. The specific flaw exists within the data source templating. CSWorks does not properly sanitize or validate the data used to...
[SECURITY] Fedora 19 Update: cobbler-2.6.3-1.fc19
Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. There is also a web interface 'cobbler-web'. Cobbler's advanced features include importing...
ZPanel templateparser.class.php - Crafted Template Remote Command Execution
No description provided by source. Hi all, There's an arbitrary PHP code execution in ZPanel, a free and open-source shared hosting control panel. Using the included zsudo binary, access can be escalated and commands can be run as root. The vulnerability: ZPanel uses a poor templater system that...
Arbitrary Code Execution
Overview Affected versions of this package are vulnerable to Arbitrary Code Execution. $parse allowed arbitrary code execution via Angular expressions under some very specific conditions. The only applications affected by these vulnerabilities are those that match all of the following conditions:...