2 matches found
PT-2022-24856 · Unknown · Isolated-Vm
Name of the Vulnerable Software and Affected Versions: isolated-vm versions 4.3.6 and prior Description: The issue allows attackers to bypass the sandbox and run arbitrary code in the nodejs process if untrusted v8 cached data is passed to the API through CachedDataOptions. This can be exploited ...
BaserCMS Cross-Site Scripting and Remote Code Execution Vulnerabilities
BaserCMS is an open source enterprise-level content management system cms. A cross-site scripting and remote code execution vulnerability exists in the ThemeFilesController.php and UploaderFilesController.php components in baserCMS 4.3.6 and earlier versions. An attacker can exploit this...