1697 matches found
PRODSECBUG-1513: Insufficient brute force protections on promo code entry
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33...
Cross-Site Scripting in Bootstrap CSS toolkit
More info at https://typo3.org/security/advisory/typo3-core-sa-2019-006...
Trusted-Directory Bypass via Path Traversal
If you enable security, $trusted_dir is an array of all directories that are considered trusted. Trusted directories are where you keep PHP scripts that are executed directly from the templates. Attackers can use ../ to escape the trusted directory: if they can edit the templates, they can read any file they...
Trusted-Directory Bypass via Path Traversal
Smarty Trusted-Directory Bypass via Path Traversal Vulnerability Overview Smarty 3.1.32 or below is prone to a path traversal vulnerability due to insufficient sanitization of code in Smarty templates. This allows attackers controlling the Smarty template to bypass the trusted directory security...
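The two Smarty entries above describe the same failure: a trusted-directory check that compares path strings and is therefore fooled by `../`. The following is an added example, not Smarty's own code, showing a naive prefix check beside a hardened check that canonicalises both sides with `realpath()` before comparing. The temporary directory layout and file names are constructed for the demonstration.

```php
<?php
// Added example (not Smarty's code): a trusted-directory check that is
// defeated by "../", beside a hardened version that resolves the real path.
declare(strict_types=1);

// Prefix check only: "<base>/trusted/../secret/config.php" starts with the
// trusted prefix as a string, so the traversal is accepted.
function isTrustedNaive(string $file, array $trustedDirs): bool
{
    foreach ($trustedDirs as $dir) {
        if (str_starts_with($file, rtrim($dir, '/') . '/')) {
            return true;
        }
    }
    return false;
}

// Hardened: canonicalise both sides with realpath() (which collapses "../"
// and symlinks) and compare the canonical paths. realpath() returns false
// for paths that do not exist, which is treated as untrusted.
function isTrustedCanonical(string $file, array $trustedDirs): bool
{
    $real = realpath($file);
    if ($real === false) {
        return false;
    }
    foreach ($trustedDirs as $dir) {
        $realDir = realpath($dir);
        if ($realDir === false) {
            continue;
        }
        $prefix = rtrim($realDir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
        if (str_starts_with($real, $prefix)) {
            return true;
        }
    }
    return false;
}

// Constructed fixture: a temporary trusted dir holding one script, a
// sibling "secret" dir, and a traversal path that escapes into it.
$base = sys_get_temp_dir() . '/smarty-demo-' . bin2hex(random_bytes(4));
mkdir("$base/trusted", 0700, true);
mkdir("$base/secret", 0700, true);
file_put_contents("$base/trusted/helper.php", "<?php\n");
file_put_contents("$base/secret/config.php", "<?php // db password\n");

$trusted = ["$base/trusted"];
$good = "$base/trusted/helper.php";
$evil = "$base/trusted/../secret/config.php";

// The naive check is fooled by the "../" path; the canonical check is not.
var_dump(isTrustedNaive($good, $trusted));
var_dump(isTrustedNaive($evil, $trusted));
var_dump(isTrustedCanonical($good, $trusted));
var_dump(isTrustedCanonical($evil, $trusted));

// Clean up the fixture.
unlink("$base/trusted/helper.php");
unlink("$base/secret/config.php");
rmdir("$base/trusted");
rmdir("$base/secret");
rmdir($base);
```

The canonical comparison also needs the trailing directory separator on the prefix; without it, a sibling directory named `trusted2` would match a trusted directory named `trusted`.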
CVE-2017-16790: Ensure that submitted data are uploaded files
More info at https://symfony.com/cve-2017-16790...
CVE-2017-16653: CSRF protection does not use different tokens for HTTP and HTTPS
More info at https://symfony.com/cve-2017-16653...
SQL injection vulnerability in the front end listing module
More info at https://contao.org/en/news/contao-448.html...
SQL injection vulnerability in the back end search filter
More info at https://contao.org/en/news/contao-448.html...
Vulnerability to Response Wrapping attacks resulting in a malicious user gaining unauthorized access to a system.
Improve Signature validation process. Validates NameID only if strict is enabled...
Potential SQL injection in ORDER and GROUP statements of Zend_Db_Select
More info at https://framework.zend.com/security/advisory/ZF2016-02...
CVE-2016-2403: Unauthorized access on a misconfigured Ldap server when using an empty password
More info at https://symfony.com/cve-2016-2403...
Information leakage issue in the sanitycheck module
More info at https://simplesamlphp.org/security/201603-01...
Form API ignores access restrictions on submit buttons
More info at https://www.drupal.org/SA-CORE-2016-001...
Remote code execution in templates
More info at https://symfony.com/blog/security-release-twig-1-20-0...
CVE-2015-4050: ESI unauthorized access
More info at https://symfony.com/cve-2015-4050...
Invalid CSRF validation of null or incorrectly formatted token identifiers
More info at https://framework.zend.com/security/advisory/ZF2015-03...
SQL injection vector when manually quoting values for sqlsrv extension, using null byte
More info at https://framework.zend.com/security/advisory/ZF2014-06...
Information disclosure in the Extbase framework
More info at https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/...
Request::getHost() poisoning
More info at https://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released...
Possible cross-site scripting (XSS) vulnerability in the Blade templating engine
A security researcher has disclosed a possible XSS vulnerability in the Blade templating engine. Given the following two Blade templates: resources/views/parent.blade.php: @section('content') @show resources/views/child.blade.php: @extends('parent') @section('content') @endsection And a route...
Drupal core - Critical - Cross-site scripting - SA-CORE-2021-002
More info at https://www.drupal.org/sa-core-2021-002...
Drupal core - Moderately critical - Access bypass - SA-CORE-2020-008
More info at https://www.drupal.org/sa-core-2020-008...
CVE-2018-14773: Remove support for legacy and risky HTTP headers
More info at https://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers...
CVE-2019-18889: Forbid serializing AbstractAdapter and TagAwareAdapter instances
More info at https://symfony.com/cve-2019-18889...
Drupal core - Moderately critical - Cross-site scripting - SA-CORE-2020-010
More info at https://www.drupal.org/sa-core-2020-010...
XSS vulnerability on password reset page
Impact For Mautic versions prior to 3.3.4, there is an XSS vulnerability on Mautic's password reset page where a vulnerable parameter, "bundle," in the URL could allow an attacker to execute JavaScript code. The attacker would be required to convince or trick the target into clicking a password...
Moderately critical - Cross Site Scripting
More info at https://www.drupal.org/sa-core-2018-003...
TYPO3-EXT-SA-2024-006: Multiple vulnerabilities in "powermail" (powermail)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2024-006...
Deserialization Gadget chain in Symfony sfNamespacedParameterHolder
Summary Symfony 1 has a gadget chain due to a dangerous unserialize() call in the sfNamespacedParameterHolder class that would enable an attacker to get remote code execution if a developer unserializes user input in their project. Details This vulnerability presents no direct threat but is a vector that will...
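The precondition for any PHP gadget chain is an `unserialize()` call on attacker-controlled bytes. The following added example, which is not Symfony 1 code and uses a constructed `DemoGadget` class and payload, shows why that call is the problem and two ways to take it away: restricting `unserialize()` with `allowed_classes => false` (PHP 7.0 and later), or not using PHP serialization for untrusted data at all.

```php
<?php
// Added example (not Symfony 1's code): why unserialize() on user input is
// the precondition for a gadget chain, and two ways to take it away.
declare(strict_types=1);

// A class with a "magic" method is what a gadget chain is built from: the
// attacker never calls it, PHP does, when the object is destroyed.
final class DemoGadget
{
    public string $cmd = '';

    public function __destruct()
    {
        // In a real chain this would be something like system($this->cmd).
        echo "gadget fired with: {$this->cmd}\n";
    }
}

// Constructed attacker payload: a serialized DemoGadget. Any class that is
// loaded (or autoloadable) can be instantiated this way.
$payload = 'O:10:"DemoGadget":1:{s:3:"cmd";s:6:"whoami";}';

// Unsafe: the object is rebuilt and its __destruct runs when it goes away.
function unsafeLoad(string $data): mixed
{
    return unserialize($data);
}

// Safer: allowed_classes => false turns every object into
// __PHP_Incomplete_Class, so no application method is ever invoked.
function restrictedLoad(string $data): mixed
{
    return unserialize($data, ['allowed_classes' => false]);
}

// Safest for plain data: do not use PHP serialization for untrusted input.
function jsonLoad(string $data): mixed
{
    return json_decode($data, true, 512, JSON_THROW_ON_ERROR);
}

$o = unsafeLoad($payload);
echo 'unsafe   : ', get_class($o), "\n";
unset($o);                             // destructor runs here

$r = restrictedLoad($payload);
echo 'restricted: ', get_class($r), "\n";
unset($r);                             // no application destructor to run

try {
    jsonLoad($payload);
} catch (JsonException $e) {
    echo 'json      : rejected non-JSON input (', $e->getMessage(), ")\n";
}
```

`allowed_classes` can also be an allow-list of class names when legitimate objects must round-trip, but every class on that list becomes part of the attack surface, so keep it to value objects without destructors, `__wakeup` or `__toString` side effects.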
Observable Response Discrepancy on Admin Login
Description Impact The Admin Login form allows an attacker to detect which usernames or email addresses exist and which do not. Impacted by this issue are Sulu installations >= 2.5.0 and ... $exception->getMessage(); instead use $exception->getMessageKey(). References Currently no references...
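In Symfony's security component, `AuthenticationException::getMessageKey()` is the generic, translatable message intended for display, while `getMessage()` may carry internal detail such as which lookup failed; the entry above swaps one for the other. The added example below, which is not Sulu's code and uses a constructed in-memory user store, shows the underlying discipline: a login check whose failure message and amount of work are identical whether the user is missing or the password is wrong.

```php
<?php
// Added example (not Sulu's code): an admin login check whose response does
// not reveal whether the username exists. Both the message and the work done
// are the same on the "no such user" and "wrong password" paths.
declare(strict_types=1);

// Constructed user store; in a real application this is the database.
$users = [
    'alice' => password_hash('correct horse', PASSWORD_DEFAULT),
];

// A dummy hash so that password_verify() runs even when the user is missing,
// keeping the timing of the two failure paths comparable.
$dummyHash = password_hash('unused', PASSWORD_DEFAULT);

// Leaky: the message differs per failure cause, and the missing-user path
// skips the slow hash, so an attacker can enumerate accounts by content
// and by response time.
function loginLeaky(array $users, string $user, string $pass): string
{
    if (!isset($users[$user])) {
        return "Username \"$user\" not found.";
    }
    if (!password_verify($pass, $users[$user])) {
        return 'Invalid password.';
    }
    return 'OK';
}

// Hardened: one generic failure message, and the same work on every
// failure path.
function loginUniform(array $users, string $dummyHash, string $user, string $pass): string
{
    $hash = $users[$user] ?? $dummyHash;
    $ok = password_verify($pass, $hash) && isset($users[$user]);
    return $ok ? 'OK' : 'Invalid credentials.';
}

// Constructed attempts: wrong password for a real user, any password for an
// unknown user, and a correct login.
foreach ([['alice', 'wrong'], ['mallory', 'wrong'], ['alice', 'correct horse']] as [$u, $p]) {
    printf(
        "%-8s leaky=%-30s uniform=%s\n",
        $u,
        loginLeaky($users, $u, $p),
        loginUniform($users, $dummyHash, $u, $p)
    );
}
```

The same discrepancy can leak through HTTP status codes, redirect targets and password-reset or registration forms, so the uniform-response rule applies to every endpoint that takes a username, not only the login form.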
TYPO3-CORE-SA-2022-013: Weak Authentication in Frontend Login
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-013...
CVE-2022-25238: Stored XSS via HTML fields
More info at https://www.silverstripe.org/download/security-releases/cve-2022-25238...
CVE-2022-28803: Stored XSS in link tags added via XHR
More info at https://www.silverstripe.org/download/security-releases/cve-2022-28803...
TYPO3-CORE-SA-2022-005: Insufficient Session Expiration in Admin Tool
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-005...
TYPO3-CORE-SA-2022-002: Information Disclosure via Exception Handling/Logger
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-002...
Path Disclosure within joomla/filesystem class
More info at https://developer.joomla.org/security-centre/871-20220302-core-path-disclosure-within-filesystem-error-messages.html...
Disallow non closures in the sort filter
More info at https://symfony.com/blog/twig-security-release-disallow-non-closures-in-the-sort-filter...
CVE-2021-41267: Webcache Poisoning via X-Forwarded-Prefix and sub-request
More info at https://symfony.com/cve-2021-41267...
TYPO3-CORE-SA-2021-012: Information Disclosure in User Authentication
More info at https://typo3.org/security/advisory/typo3-core-sa-2021-012...
Form validation can be skipped in neos/form
Impact By crafting a special GET request containing a valid form state, a form can be submitted without invoking any validators. We consider the severity low because it is not possible to change any form values since the form state is secured with an HMAC that is still verified. That means that...
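The point of the entry above is that an HMAC over the form state proves the state was issued by the server; it says nothing about whether the values in it were ever validated. The following added example, which is not neos/form code, models the form state as a signed JSON blob with a constructed `finished` flag and a demo key (both assumptions for the example) and contrasts a handler that trusts any request carrying a valid state with one that only treats POST as a submission and runs validators every time.

```php
<?php
// Added example (not neos/form's code): a serialized form state protected by
// an HMAC, beside the handling rule the advisory is about. A valid signature
// proves the state came from the server, not that validators ran, so
// validation must happen on every submission regardless of how the state
// arrived.
declare(strict_types=1);

// Assumption for this example: in a real application the key comes from
// configuration and is never committed.
const FORM_KEY = 'constructed-demo-key-do-not-reuse';

function signState(array $state, string $key): string
{
    $blob = base64_encode(json_encode($state, JSON_THROW_ON_ERROR));
    return $blob . '.' . hash_hmac('sha256', $blob, $key);
}

function verifyState(string $token, string $key): ?array
{
    $parts = explode('.', $token, 2);
    if (count($parts) !== 2) {
        return null;
    }
    [$blob, $mac] = $parts;
    if (!hash_equals(hash_hmac('sha256', $blob, $key), $mac)) {
        return null; // tampered or forged
    }
    $decoded = base64_decode($blob, true);
    if ($decoded === false) {
        return null;
    }
    $state = json_decode($decoded, true);
    return is_array($state) ? $state : null;
}

function validate(array $values): array
{
    $errors = [];
    if (!filter_var($values['email'] ?? '', FILTER_VALIDATE_EMAIL)) {
        $errors[] = 'email';
    }
    return $errors;
}

// Weak: trusts any request carrying a valid state and skips validation when
// the state claims the form is finished. A GET with a captured token is
// enough to "submit".
function handleWeak(array $params, string $key): string
{
    $state = verifyState($params['__state'] ?? '', $key);
    if ($state === null) {
        return 'invalid state';
    }
    if (!empty($state['finished'])) {
        return 'submitted: ' . json_encode($state['values']);
    }
    return 'render form';
}

// Hardened: only POST is a submission, and validators run on the values
// every time, whatever the state says about itself.
function handleHardened(string $method, array $params, string $key): string
{
    $state = verifyState($params['__state'] ?? '', $key);
    if ($state === null) {
        return 'invalid state';
    }
    if ($method !== 'POST') {
        return 'render form';
    }
    $errors = validate($state['values'] ?? []);
    return $errors
        ? 'validation failed: ' . implode(', ', $errors)
        : 'submitted: ' . json_encode($state['values']);
}

// Constructed: a state the server issued earlier, carrying an invalid value
// and the finished flag.
$token = signState(['finished' => true, 'values' => ['email' => 'not-an-email']], FORM_KEY);
echo 'weak / GET      : ', handleWeak(['__state' => $token], FORM_KEY), "\n";
echo 'hardened / GET  : ', handleHardened('GET', ['__state' => $token], FORM_KEY), "\n";
echo 'hardened / POST : ', handleHardened('POST', ['__state' => $token], FORM_KEY), "\n";

// A single flipped hex digit in the MAC is rejected by hash_equals().
$tampered = substr($token, 0, -1) . 'x';
echo 'tampered / POST : ', handleHardened('POST', ['__state' => $tampered], FORM_KEY), "\n";
```

`hash_equals()` rather than `===` for the MAC comparison keeps the check constant-time; the rest of the protection is procedural, namely never letting a flag inside the signed state stand in for the validators actually having run.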
CVE-2021-21424: Prevent user enumeration via response content in authentication mechanisms
More info at https://symfony.com/cve-2021-21424...
Missing argument delimiter can lead to command execution via VCS repository URLs or source download URLs on systems with Mercurial
URLs for Mercurial repositories in the root composer.json and package source download URLs are not sanitized correctly. Specifically crafted URL values allow commands to be executed in the HgDriver if hg/Mercurial is installed on the system. Impact - The impact to Composer users directly is limit...
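The entry above is argument injection rather than shell injection: the URL may be quoted correctly for the shell and still be parsed by the VCS binary as an option when it starts with `-`. The following added example, which is not Composer's code, builds an `hg clone` command line the naive way and the hardened way; the URL pattern and the option-shaped input are constructed for the demonstration. It assumes the tool honours `--` as an end-of-options marker, which Mercurial and Git do; check the documentation of any other tool before relying on it.

```php
<?php
// Added example (not Composer's code): building a VCS command line where the
// repository URL is user-controlled. Quoting prevents shell injection, but a
// value beginning with "-" is still parsed by the tool as an option, so the
// positional argument must be fenced off with "--" and dash-leading values
// rejected outright.
declare(strict_types=1);

// Naive: escapeshellarg() stops the shell from interpreting the value, but
// the VCS binary still receives it as an option if it starts with "-".
function hgCloneNaive(string $url, string $dest): string
{
    return 'hg clone ' . escapeshellarg($url) . ' ' . escapeshellarg($dest);
}

// Hardened: validate the shape of the URL and place "--" before the first
// positional argument so option parsing stops there.
function hgCloneSafe(string $url, string $dest): string
{
    if ($url === '' || $url[0] === '-') {
        throw new InvalidArgumentException('repository URL must not start with "-"');
    }
    // Assumption for this example: only these schemes are acceptable for a
    // package source. Tighten to your own policy.
    if (!preg_match('~^(https?|ssh)://[^\s]+$~', $url)) {
        throw new InvalidArgumentException('unsupported repository URL: ' . $url);
    }
    return 'hg clone -- ' . escapeshellarg($url) . ' ' . escapeshellarg($dest);
}

// Constructed inputs: a legitimate URL and one shaped like an option.
$inputs = ['https://hg.example.org/repo', '--some-option=value'];

foreach ($inputs as $url) {
    echo 'naive : ', hgCloneNaive($url, 'work'), "\n";
    try {
        echo 'safe  : ', hgCloneSafe($url, 'work'), "\n";
    } catch (InvalidArgumentException $e) {
        echo 'safe  : rejected (', $e->getMessage(), ")\n";
    }
}
```

Both defences are needed: the `--` protects the positional argument, and the validation catches values that a later code path might pass to the tool in a position where `--` is not present (a `hg pull` or a configured remote, for instance).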
TYPO3-CORE-SA-2021-007: Cross-Site Scripting in Content Preview
More info at https://typo3.org/security/advisory/typo3-core-sa-2021-007...
TYPO3-CORE-SA-2021-001: Open Redirection in Login Handling
More info at https://typo3.org/security/advisory/typo3-core-sa-2021-001...
Unescaped message used in HTML on Special:Contributions
More info at https://phabricator.wikimedia.org/T255918...
TYPO3-CORE-SA-2020-001: Information Disclosure in Password Reset
More info at https://typo3.org/security/advisory/typo3-core-sa-2020-001...
TYPO3-CORE-SA-2020-006: Same-Site Request Forgery to Backend User Interface
More info at https://typo3.org/security/advisory/typo3-core-sa-2020-006...
TYPO3-CORE-SA-2020-005: Insecure Deserialization in Backend User Settings
More info at https://typo3.org/security/advisory/typo3-core-sa-2020-005...
TYPO3-CORE-SA-2020-002: Cross-Site Scripting in Form Engine
More info at https://typo3.org/security/advisory/typo3-core-sa-2020-002...
PRODSECBUG-2344: Cross-Site Scripting via wysiwyg editor
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...