Insert tag injection in front end forms
More info at https://contao.org/en/security-advisories/insert-tag-injection-in-forms.html...
CVE-2019-18888: Prevent argument injection in a MimeTypeGuesser
More info at https://symfony.com/cve-2019-18888...
Laravel Reflected XSS via Request Parameter in Debug-Mode Error Page
Vulnerability overview: Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting because request parameters are improperly encoded in the debug-mode error page. Identifier:...
Snappy PHAR deserialization vulnerability
Issue: On March 17th the vulnerability CVE-2023-28115 was disclosed, allowing an attacker to gain remote code execution through PHAR deserialization. To fix this issue, version 1.4.2 was released with an additional check in the affected function that rejects the phar:// wrapper...
Microweber Business Logic Errors
More info at https://nvd.nist.gov/vuln/detail/CVE-2023-6566...
CVE-2023-22728 - Missing permission check in GridFieldPrintButton
More info at https://www.silverstripe.org/download/security-releases/cve-2023-22728...
TYPO3-CORE-SA-2022-007: User Enumeration via Response Timing
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-007...
Diactoros before 2.11.1 vulnerable to HTTP Host Header Attack.
Impact Applications that use Diactoros, and are either not behind a proxy, or can be accessed via untrusted proxies, can potentially have the host, protocol, and/or port of a Laminas\Diactoros\Uri instance associated with the incoming server request modified to reflect values from X-Forwarded-...
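The Diactoros entry above describes the general trusted-proxy problem: X-Forwarded-Host, X-Forwarded-Proto and X-Forwarded-Port are ordinary request headers, so any client that can reach the application directly (or through a proxy you do not control) can set them. The following is an added example written for this page, not Diactoros' own code: it derives scheme, host and port from a $_SERVER-style array and consults the forwarded headers only when REMOTE_ADDR falls inside a configured list of proxy CIDRs. The CIDR list, hostnames and addresses are constructed for the demonstration.

```php
<?php
// Added example, not Diactoros' code. Builds the request's scheme, host and
// port from a $_SERVER-style array and consults X-Forwarded-* only when the
// TCP peer (REMOTE_ADDR) is one of our own proxies; a direct client or an
// untrusted proxy cannot inject them. CIDR list and inputs are constructed.

function ipInCidr(string $ip, string $cidr): bool
{
    if (!str_contains($cidr, '/')) {
        return inet_pton($ip) === inet_pton($cidr);
    }
    [$net, $bits] = explode('/', $cidr, 2);
    $ipBin  = inet_pton($ip);
    $netBin = inet_pton($net);
    if ($ipBin === false || $netBin === false || strlen($ipBin) !== strlen($netBin)) {
        return false; // malformed address, or IPv4 vs IPv6 mismatch
    }
    $bits  = (int) $bits;
    $whole = intdiv($bits, 8);
    if (substr($ipBin, 0, $whole) !== substr($netBin, 0, $whole)) {
        return false;
    }
    $rest = $bits % 8;
    if ($rest === 0) {
        return true;
    }
    $mask = (0xFF << (8 - $rest)) & 0xFF;
    return (ord($ipBin[$whole]) & $mask) === (ord($netBin[$whole]) & $mask);
}

/** @return array{0:string,1:string,2:int} [scheme, host, port] */
function resolveOrigin(array $server, array $trustedProxies): array
{
    // Baseline from the server's own view of the connection. SERVER_NAME is
    // used rather than HTTP_HOST because the Host header is client-supplied;
    // this is only safe when the web server is configured with an explicit
    // server name instead of echoing Host back.
    $scheme = (!empty($server['HTTPS']) && $server['HTTPS'] !== 'off') ? 'https' : 'http';
    $host   = $server['SERVER_NAME'] ?? 'localhost';
    $port   = (int) ($server['SERVER_PORT'] ?? ($scheme === 'https' ? 443 : 80));

    $peer = $server['REMOTE_ADDR'] ?? '';
    $fromTrustedProxy = false;
    foreach ($trustedProxies as $cidr) {
        if ($peer !== '' && ipInCidr($peer, $cidr)) {
            $fromTrustedProxy = true;
            break;
        }
    }
    if (!$fromTrustedProxy) {
        return [$scheme, $host, $port]; // forwarded headers are ignored entirely
    }

    // Only a trusted proxy gets here; take the first value of each header.
    if (!empty($server['HTTP_X_FORWARDED_PROTO'])) {
        $p = strtolower(trim(explode(',', $server['HTTP_X_FORWARDED_PROTO'])[0]));
        if ($p === 'http' || $p === 'https') {
            $scheme = $p;
            $port   = $scheme === 'https' ? 443 : 80;
        }
    }
    if (!empty($server['HTTP_X_FORWARDED_HOST'])) {
        $h = trim(explode(',', $server['HTTP_X_FORWARDED_HOST'])[0]);
        // Accept only a hostname with an optional port; anything else
        // (userinfo, paths, embedded control characters) keeps the baseline host.
        if (preg_match('/^([a-z0-9][a-z0-9.-]*)(?::(\d{1,5}))?$/i', $h, $m)) {
            $host = strtolower($m[1]);
            if (isset($m[2])) {
                $port = (int) $m[2];
            }
        }
    }
    if (!empty($server['HTTP_X_FORWARDED_PORT']) && ctype_digit($server['HTTP_X_FORWARDED_PORT'])) {
        $port = (int) $server['HTTP_X_FORWARDED_PORT'];
    }
    return [$scheme, $host, $port];
}

// Constructed configuration and requests.
$trusted = ['10.0.0.0/8', '2001:db8::/32'];
$base = [
    'SERVER_NAME'            => 'app.internal',
    'SERVER_PORT'            => '80',
    'HTTP_X_FORWARDED_HOST'  => 'www.example',
    'HTTP_X_FORWARDED_PROTO' => 'https',
];
// Direct client or unknown proxy: the forwarded headers must not be used.
var_dump(resolveOrigin($base + ['REMOTE_ADDR' => '203.0.113.9'], $trusted));
// Our own load balancer: the forwarded headers are honored.
var_dump(resolveOrigin($base + ['REMOTE_ADDR' => '10.4.2.1'], $trusted));
```

The first call returns the baseline origin (http, app.internal, 80) because 203.0.113.9 is not in the trusted list; the second returns https on www.example:443. Keep the trusted list to the proxies you actually operate; a permissive entry such as 0.0.0.0/0 reintroduces exactly the header-injection condition the advisory describes.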
Cross site scripting via canonical URL
More info at https://contao.org/en/security-advisories/cross-site-scripting-via-canonical-url.html...
Multi-Factor Authentication issue in Laravel Fortify
Laravel Fortify before 1.11.1 allows a TOTP code to be reused within a short time window, thus calling into question the "OT" part of the "TOTP" concept...
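The Fortify entry above is a replay problem: a verifier that only checks whether a submitted code is valid for some time step in its window will accept the same code again for the rest of that step (longer if clock-skew tolerance is allowed). The following is an added example for this page, not Fortify's code: a minimal RFC 6238 TOTP implementation plus a verifier that remembers the highest time step already consumed per user and refuses anything at or below it. The secret is the RFC 6238 test key; the user name, period, window and timestamps are constructed.

```php
<?php
// Added example, not Fortify's code. RFC 6238 TOTP (HMAC-SHA1, 30 s steps)
// with the replay check the advisory is about: the highest step already
// accepted per user is recorded, so a code cannot be presented twice.
// Secret is the RFC 6238 Appendix B SHA-1 test key; the rest is constructed.

function totpCode(string $secret, int $step, int $digits = 6): string
{
    $hmac   = hash_hmac('sha1', pack('J', $step), $secret, true); // 64-bit big-endian counter
    $offset = ord($hmac[19]) & 0x0F;                                // RFC 4226 dynamic truncation
    $bin    = ((ord($hmac[$offset]) & 0x7F) << 24)
            | (ord($hmac[$offset + 1]) << 16)
            | (ord($hmac[$offset + 2]) << 8)
            |  ord($hmac[$offset + 3]);
    return str_pad((string) ($bin % (10 ** $digits)), $digits, '0', STR_PAD_LEFT);
}

final class TotpVerifier
{
    /** @var array<string,int> highest time step accepted per user (persist this in the DB) */
    private array $lastStep = [];

    public function __construct(private int $period = 30, private int $window = 1) {}

    /** Returns true and burns the step on success; false on a bad code or a replay. */
    public function verify(string $user, string $secret, string $code, int $now): bool
    {
        $current = intdiv($now, $this->period);
        for ($delta = -$this->window; $delta <= $this->window; $delta++) {
            $step = $current + $delta;
            if (!hash_equals(totpCode($secret, $step), $code)) {
                continue;
            }
            // The code is valid for $step. Reject if this step, or a later one,
            // was already used: this is the "one-time" part of TOTP.
            if (isset($this->lastStep[$user]) && $step <= $this->lastStep[$user]) {
                return false;
            }
            $this->lastStep[$user] = $step;
            return true;
        }
        return false;
    }
}

$secret = '12345678901234567890'; // RFC 6238 Appendix B SHA-1 test secret
$v = new TotpVerifier();
$t = 59;                           // inside step 1 of the RFC vectors
$code = totpCode($secret, intdiv($t, 30));

$first  = $v->verify('alice', $secret, $code, $t);       // fresh code for step 1
$replay = $v->verify('alice', $secret, $code, $t + 10);  // same code, still within the window
$later  = $v->verify('alice', $secret, totpCode($secret, 2), $t + 30); // genuinely new code
printf("first=%s replay=%s later=%s\n",
    var_export($first, true), var_export($replay, true), var_export($later, true));
```

The first and third calls succeed; the second fails even though step 1 is still inside the verifier's window, because step 1 has already been consumed for that user. The per-user last step must be stored atomically with the login attempt (a row update under a lock or a compare-and-set), otherwise two concurrent requests carrying the same code can both pass the check.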
CVE-2022-38146 - URL XSS vulnerability due to outdated jquery in CMS
More info at https://www.silverstripe.org/download/security-releases/cve-2022-38146...
CVE-2021-36150 - Insert from files link text - Reflective (self) Cross Site Scripting
More info at https://www.silverstripe.org/download/security-releases/CVE-2021-36150...
CVE-2021-25817 XXE: Vulnerability in CSSContentParser
More info at https://www.silverstripe.org/download/security-releases/cve-2021-25817...
Improper Certificate Validation in phpseclib
More info at https://github.com/phpseclib/phpseclib/pull/1635...
TYPO3-CORE-SA-2021-008: Cross-Site Scripting in Content Preview
More info at https://typo3.org/security/advisory/typo3-core-sa-2021-008...
TYPO3-CORE-SA-2021-005: Denial of Service in Page Error Handling
More info at https://typo3.org/security/advisory/typo3-core-sa-2021-005...
TYPO3-CORE-SA-2020-011: Cleartext storage of session identifier
More info at https://typo3.org/security/advisory/typo3-core-sa-2020-011...
mw.message.parse() accepts javascript: protocol in wikilinks
More info at https://phabricator.wikimedia.org/T86738...
User content can redirect the logout button to different URL
More info at https://phabricator.wikimedia.org/T232932...
SQL injection with processing username
More info at https://www.phpmyadmin.net/security/PMASA-2020-2/...
CVE-2019-11325: Fix escaping of strings in VarExporter
More info at https://symfony.com/cve-2019-11325...
PRODSECBUG-2351: Arbitrary code execution via crafted sitemap creation
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13...
PRODSECBUG-2301: Names of disabled products can be leaked due to inadequate validation checks
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33...
Possible Arbitrary Code Execution in Image Processing
More info at https://typo3.org/security/advisory/typo3-core-sa-2019-012...
Sandbox Information Disclosure
More info at https://symfony.com/blog/twig-sandbox-information-disclosure...
Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
I'm afraid this change is wrong. file_exists is not the only...
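The Snappy entry earlier and the phar:// entry just above concern the same sink: PHP filesystem functions accept stream wrappers, and the phar:// wrapper made PHP unserialize the archive's metadata as a side effect of calls such as file_exists(). The following is an added example written for this page, not Snappy's or any other listed project's code: a vulnerable existence check beside a hardened one that refuses any wrapper-prefixed path and then confines the resolved path to a base directory. The probe paths are constructed; the helper names are this example's own.

```php
<?php
// Added example, not Snappy's or any listed project's code.
// Before PHP 8.0 the phar:// wrapper unserialized the archive's metadata as a
// side effect of ordinary filesystem calls such as file_exists(), so any
// user-controlled path reaching such a call was a deserialization sink.

/** True when $path starts with a stream-wrapper scheme such as phar:// */
function isWrapperPath(string $path): bool
{
    // PHP matches wrapper names case-insensitively, so "PHAR://" must be caught
    // as well; plain absolute or relative filesystem paths never contain "://".
    return (bool) preg_match('#^[a-z][a-z0-9+.\-]*://#i', $path);
}

/** Vulnerable form: the existence check itself drives the wrapper. */
function existsVulnerable(string $path): bool
{
    return file_exists($path); // "phar://uploads/x.jpg/anything" opens x.jpg as an archive
}

/**
 * Hardened form: reject wrapper syntax first, then confine the resolved path
 * to $baseDir so "../" sequences and symlinks cannot escape it either.
 */
function existsHardened(string $path, string $baseDir): bool
{
    if (isWrapperPath($path)) {
        return false;
    }
    $base = realpath($baseDir);
    $real = realpath($path);
    if ($base === false || $real === false) {
        return false;
    }
    return $real === $base || str_starts_with($real, $base . DIRECTORY_SEPARATOR);
}

// Constructed probe inputs; the first three are refused by the hardened check.
$probes = [
    'phar:///tmp/avatar.jpg/config.txt',
    'PHAR://' . __FILE__,
    'data://text/plain;base64,SGVsbG8=',
    __FILE__,
];
foreach ($probes as $p) {
    printf("%-40s wrapper=%-3s hardened=%s\n", $p,
        isWrapperPath($p) ? 'yes' : 'no',
        existsHardened($p, __DIR__) ? 'yes' : 'no');
}
```

The Snappy fix rejects phar:// specifically; this check is broader and refuses every wrapper scheme, which also blocks data:// and php:// but will break callers that legitimately pass file:// URLs, so allowlist those if you need them. PHP 8.0 stopped unserializing phar metadata automatically on such calls, but the same wrapper still lets an attacker-supplied path open an uploaded file as an archive, and the path-confinement half of the check matters regardless of PHP version.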
CVE-2018-11385: Session Fixation Issue for Guard Authentication
More info at https://symfony.com/cve-2018-11385...
CVE-2018-11386: Denial of service when using PDOSessionHandler
More info at https://symfony.com/cve-2018-11386...
Private file access bypass.
More info at https://www.drupal.org/SA-CORE-2018-001...
A logged-in back end user can include arbitrary existing PHP files by manipulating a URL parameter
More info at https://contao.org/en/news/contao-3528.html...
Session fixation and authentication bypass (authcrypt module)
More info at https://simplesamlphp.org/security/201705-01...
Remote Code Execution when using the mail transport
More info at https://legalhackers.com/advisories/SwiftMailer-Exploit-Remote-Code-Exec-CVE-2016-10074-Vuln.html...
CVE-2016-4423: Large username storage in session
More info at https://symfony.com/cve-2016-4423...
HTTP header injection using line breaks
More info at https://www.drupal.org/SA-CORE-2016-001...
Open redirect via path manipulation
More info at https://www.drupal.org/SA-CORE-2016-001...
Composer Cache Injection vulnerability
More info at http://flyingmana.de/blogen/2016/02/14/composercacheinjectionvulnerabilitycve20158371.html...
Security Misconfiguration Vulnerability in the AWS SDK for PHP
SECURITY FIX: This release addresses a security issue associated with CVE-2015-5723, specifically, fixes improper default directory umask behavior that could potentially allow unauthorized modifications of PHP code. Thanks to @ryan-lane for the initial report. - Aws\Ec2 - Added support for...
Potential CRLF injection attacks in mail and HTTP headers
More info at https://framework.zend.com/security/advisory/ZF2015-04...
Direct access of ESI URLs behind a trusted proxy
More info at https://symfony.com/cve-2014-5245...
Fixed potential path traversal attack and remote code injection
This is a security release. All users MUST upgrade to this release to prevent two potential security issues: - path traversal attack - remote code injection These two security issues have been reported by Andreas Forsblom. THANKS! Below is the original report Andreas sent me: Hi William, First,...
Validation metadata serialization and loss of information
More info at https://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released...
Multiple XSS vulnerabilities exploitable on Internet Explorer
More info at http://htmlpurifier.org/security/2010/css-quoting...
PHPMemcachedAdmin Path Traversal vulnerability
More info at https://nvd.nist.gov/vuln/detail/CVE-2023-6026...
Drupal core - Critical - Cross Site Request Forgery - SA-CORE-2020-004
More info at https://www.drupal.org/sa-core-2020-004...
Class-Name Injection
Tested on 1.8.0-beta-5. In safe mode with HTML markup disabled, it is possible to insert any class name into a code block like this:
```js any-class-name with spaces
code
```
renders as: code infostring needs some cleanup here:...
Moderately critical - Third-party libraries - SA-CORE-2019-007
More info at https://www.drupal.org/SA-CORE-2019-007...
Critical - Third Party Libraries
More info at https://www.drupal.org/sa-core-2019-001...
Drupal core - Less critical - Access bypass - SA-CORE-2020-006
More info at https://www.drupal.org/sa-core-2020-006...