5 matches found
PT-2025-45052
Name of the Vulnerable Software and Affected Versions Xibo versions 4.3.0 and below Description Xibo is a digital signage platform with a web content management system CMS. Versions 4.3.0 and below contain a Remote Code Execution issue in the CMS Developer menu’s Module Templating functionality...
Expression Language Injection
Overview Affected versions of this package are vulnerable to Expression Language Injection in the GatewayEvaluationContext method, which allows property modification that in turn enables code execution. Only Webflux applications are vulnerable, not WebMVC applications. Additionally, the following...
Linux Distros Unpatched Vulnerability : CVE-2023-28447
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Smarty is a template engine for PHP. In affected versions smarty did not properly escape javascript code. An attacker could exploit this vulnerability to execut...
CVE-2025-24803
Mobile Security Framework MobSF is an automated, all-in-one mobile application Android/iOS/Windows pen-testing, malware analysis and security assessment framework. According to Apple's documentation for bundle ID's, it must contain only alphanumeric characters A–Z, a–z, and 0–9, hyphens -, and...
UBUNTU-CVE-2023-28447
Smarty is a template engine for PHP. In affected versions smarty did not properly escape javascript code. An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the context of the user's browser session. This may lead to unauthorized access to sensitive user data,...