54 matches found

Prion
added 2022/04/05 7:15 p.m. · 18 views

Code injection

Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.6 and 3.0.0, users of the iTop user portal can send TWIG code to the server by forging specific http queries, and execute arbitrary code on the server using http server user privileges. This issue is fixed in version...

CVSS 6.5 · AI score 8.7 · EPSS 0.05262
Exploits 4 · References 6 · Affected Software 1
OSV
added 2022/04/05 6:30 p.m. · 16 views

CVE-2022-24780 Code Injection in Combodo iTop

Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.6 and 3.0.0, users of the iTop user portal can send TWIG code to the server by forging specific http queries, and execute arbitrary code on the server using http server user privileges. This issue is fixed in version...

CVSS 8.8 · AI score 8.7 · EPSS 0.05262
Exploits 4 · References 8
CNNVD
added 2022/04/05 12:00 a.m. · 2 views

Combodo iTop Code Injection Vulnerability

Combodo iTop is an open-source, ITIL-based web application developed by the French company Combodo for the day-to-day operation of IT environments. The program provides incident management, configuration management and problem management. A code injection vulnerability exists in Combodo iTop...

CVSS 8.8 · AI score 8.4 · EPSS 0.05262
Exploits 4 · References 10
Positive Technologies
added 2022/04/05 12:00 a.m. · 5 views

PT-2022-4549 · Comodo +1 · Itop +1

Name of the Vulnerable Software and Affected Versions: Combodo iTop versions prior to 2.7.6 and 3.0.0 Description: The issue is related to incorrect code generation management in the iTop web-based IT Service Management tool. It allows users of the iTop user portal to send TWIG code to the server...

CVSS 9.8 · AI score 7.5 · EPSS 0.25573
Exploits 12 · References 68
Github Security Blog
added 2022/01/27 6:32 p.m. · 43 views

Server Side Twig Template Injection

PrestaShop is an Open Source e-commerce platform. Starting with version 1.7.0.0 and ending with version 1.7.8.3, an attacker is able to inject twig code inside the back office when using the legacy layout. The problem is fixed in version 1.7.8.3. There are no known workarounds...

CVSS 9.8 · AI score 5.2 · EPSS 0.01759
Exploits 0 · References 5 · Affected Software 1
OSV
added 2022/01/27 6:32 p.m. · 85 views

GHSA-MRQ4-7CH7-2465 Server Side Twig Template Injection

PrestaShop is an Open Source e-commerce platform. Starting with version 1.7.0.0 and ending with version 1.7.8.3, an attacker is able to inject twig code inside the back office when using the legacy layout. The problem is fixed in version 1.7.8.3. There are no known workarounds...

CVSS 9 · AI score 9.2 · EPSS 0.01759
Exploits 0 · References 5
Prion
added 2022/01/26 8:15 p.m. · 13 views

Code injection

PrestaShop is an Open Source e-commerce platform. Starting with version 1.7.0.0 and ending with version 1.7.8.3, an attacker is able to inject twig code inside the back office when using the legacy layout. The problem is fixed in version 1.7.8.3. There are no known workarounds...

CVSS 7.5 · AI score 9.3 · EPSS 0.01759
Exploits 0 · References 3 · Affected Software 1
CVE
added 2022/01/26 8:10 p.m. · 166 views

CVE-2022-21686

CVE-2022-21686 concerns PrestaShop, an open-source e-commerce platform. A vulnerability affects versions 1.7.0.0 through 1.7.8.3 where an attacker can inject Twig code into the back office when using the legacy layout, enabling code injection. The issue is fixed in 1.7.8.3. No public workarounds ...

CVSS 9.8 · AI score 9.2 · EPSS 0.01759
Exploits 0 · References 3 · Affected Software 1
Github Security Blog
added 2022/01/14 9:08 p.m. · 60 views

October/System authenticated file write leads to remote code execution

Impact: Assuming an attacker with "create, modify and delete website pages" privileges in the backend is able to execute PHP code by running specially crafted Twig code in the template markup. Patches: Issue has been patched in Build 473 and v1.1.6. Workarounds: Apply...

CVSS 8.8 · AI score 1.4 · EPSS 0.01336
Exploits 0 · References 4 · Affected Software 1
OSV
added 2022/01/14 9:08 p.m. · 28 views

GHSA-WV23-PFJ7-2MJJ October/System authenticated file write leads to remote code execution

Impact: Assuming an attacker with "create, modify and delete website pages" privileges in the backend is able to execute PHP code by running specially crafted Twig code in the template markup. Patches: Issue has been patched in Build 473 and v1.1.6. Workarounds: Apply...

CVSS 8.8 · AI score 8.8 · EPSS 0.01336
Exploits 0 · References 4
NVD
added 2022/01/14 3:15 p.m. · 11 views

CVE-2021-32649

October CMS is a self-hosted content management system CMS platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with "create, modify and delete website pages" privileges in the backend is able to execute PHP code by running specially crafted Twig code in t...

CVSS 8.8 · EPSS 0.01336
Exploits 0 · References 2
Prion
added 2022/01/14 3:15 p.m. · 21 views

Code injection

October CMS is a self-hosted content management system CMS platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with "create, modify and delete website pages" privileges in the backend is able to execute PHP code by running specially crafted Twig code in t...

CVSS 6.5 · AI score 8.7 · EPSS 0.01336
Exploits 0 · References 2 · Affected Software 1
CVE
added 2022/01/14 3:05 p.m. · 82 views

CVE-2021-32649

CVE-2021-32649 affects October CMS (Laravel-based). Before versions 1.0.473 and 1.1.6, an attacker with backend privileges to create, modify and delete website pages can trigger PHP code execution by embedding specially crafted Twig code in the template markup. The issue is remedied in Build 473...

CVSS 8.8 · AI score 8.8 · EPSS 0.01336
Exploits 0 · References 2 · Affected Software 1
Cvelist
added 2022/01/14 3:05 p.m. · 25 views

CVE-2021-32649 Authenticated file write leads to remote code execution in october/system

October CMS is a self-hosted content management system CMS platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with "create, modify and delete website pages" privileges in the backend is able to execute PHP code by running specially crafted Twig code in t...

CVSS 8.8 · AI score 9 · EPSS 0.01336
Exploits 0 · References 2
OSV
added 2021/05/04 5:42 p.m. · 19 views

GHSA-FCR8-6Q7R-M4WG Bypass of fix for CVE-2020-26231, Twig sandbox escape

Impact: A bypass of CVE-2020-26231 fixed in 1.0.470/471 and 1.1.1 was discovered that has the same impact as CVE-2020-26231 & CVE-2020-15247: An authenticated backend user with the cms.managepages, cms.managelayouts, or cms.managepartials permissions who would normally not be permitted to provide...

CVSS 5.2 · AI score 6 · EPSS 0.00262
Exploits 0 · References 3
Positive Technologies
added 2021/05/03 12:00 a.m. · 3 views

PT-2021-14372 · Octobercms +2 · October Cms +1

Impact: A bypass of CVE-2020-26231 fixed in 1.0.470/471 and 1.1.1 was discovered that has the same impact as CVE-2020-26231 & CVE-2020-15247: An authenticated backend user with the cms.managepages, cms.managelayouts, or cms.managepartials permissions who would normally not be permitted to provi...

CVSS 6.7 · AI score 6 · EPSS 0.0029
Exploits 0 · References 6
Veracode
added 2020/11/24 7:31 a.m. · 16 views

Sandbox Escape

October is vulnerable to arbitrary code execution. An authenticated backend user with cms.managepages, cms.managelayouts, or cms.managepartials permissions is allowed to write malicious Twig code leading to an escape from sandbox even if cms.enableSafeMode is set. This vulnerability is a bypass o...

CVSS 6.7 · AI score 3.3 · EPSS 0.0029
Exploits 0 · References 2 · Affected Software 2
Veracode
added 2020/11/24 1:52 a.m. · 16 views

Arbitrary Code Execution

October is vulnerable to arbitrary code execution. An authenticated backend user with cms.managepages, cms.managelayouts, or cms.managepartials permissions is allowed to write malicious Twig code leading to an escape from sandbox even if cms.enableSafeMode is set...

CVSS 5.2 · AI score 3.9 · EPSS 0.0029
Exploits 0 · References 3 · Affected Software 2
OSV
added 2020/11/23 9:15 p.m. · 12 views

CVE-2020-26231

October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. A bypass of CVE-2020-15247 fixed in 1.0.469 and 1.1.0 was discovered that has the same impact as CVE-2020-15247. An authenticated backend user with the cms.managepages, cms.managelayouts, or...

CVSS 6.7 · AI score 5.9
Exploits 0 · References 2
CVE
added 2020/11/23 8:55 p.m. · 78 views

CVE-2020-26231

October CMS (Laravel-based) has a vulnerability where an authenticated backend user with cms.manage_pages, cms.manage_layouts, or cms.manage_partials can bypass cms.enableSafeMode and write Twig code to escape the sandbox, executing arbitrary PHP. The issue mirrors CVE-2020-26231 and has been fix...

CVSS 6.7 · AI score 5.8 · EPSS 0.00289
Exploits 0 · References 2 · Affected Software 1