1702 matches found
The CSRF token check can be bypassed
More info at https://contao.org/en/news/security-vulnerability-cve-2019-10642.html...
BotPassword can bypass CentralAuth's account lock
More info at https://phabricator.wikimedia.org/T194605...
CVE-2018-11406: CSRF Token Fixation
More info at https://symfony.com/cve-2018-11406...
CVE-2018-11406: CSRF Token Fixation
More info at https://symfony.com/cve-2018-11406...
Settings Tray access bypass.
More info at https://www.drupal.org/SA-CORE-2018-001...
Incorrect Access Control vulnerability in src/Firebase/Auth/IdTokenVerifier.php does not verify for token signature that can result in JWT with any email address and user ID could be forged from an actual token, or from thin air.
Bugfixes Fixed a security issue discovered by @hernandev that enabled an attacker to impersonate any registered user in a Firebase application...
Cross Site Scripting (XSS) in the consentAdmin module
More info at https://simplesamlphp.org/security/201709-01...
CVE-2017-11365: Empty passwords validation issue
More info at https://symfony.com/cve-2017-11365...
CVE-2017-11365: Empty passwords validation issue
More info at https://symfony.com/cve-2017-11365...
File REST resource does not properly validate
More info at https://www.drupal.org/SA-CORE-2017-003...
Files uploaded by anonymous users into a private file system can be accessed by other anonymous users
More info at https://www.drupal.org/SA-CORE-2017-003...
PECL YAML parser unsafe object handling
More info at https://www.drupal.org/SA-CORE-2017-003...
Remote code execution
More info at https://www.drupal.org/SA-2017-001...
Arbitrary shell execution
Security Advisory This release contains a fix for a security advisory related to the improper handling of shell commands Uses of shellexec and exec were not escaping filenames and configuration settings in most cases A properly crafted filename or configuration option would allow for arbitrary co...
Remote Code Execution in Qquoteadv/controllers/DownloadController.php
More info at https://cart2quote.zendesk.com/hc/en-us/articles/115000616303--FIXED-Security-Vulnerability-in-downloadCustomOptionAction...
Cross-site Scripting in http exceptions
More info at https://www.drupal.org/SA-CORE-2016-004...
Saving user accounts can sometimes grant the user all roles
More info at https://www.drupal.org/SA-CORE-2016-002...
HTTP header injection using line breaks
More info at https://www.drupal.org/SA-CORE-2016-001...
Reflected file download vulnerability
More info at https://www.drupal.org/SA-CORE-2016-001...
Session data truncation can lead to unserialization of user provided data
More info at https://www.drupal.org/SA-CORE-2016-001...
Security Misconfiguration Vulnerability in various Doctrine projects
More info at https://www.doctrine-project.org/2015/08/31/securitymisconfigurationvulnerabilityinvariousdoctrineprojects.html...
CVE-2015-4050: ESI unauthorized access
More info at https://symfony.com/cve-2015-4050...
Unsafe methods in the Request class
More info at https://symfony.com/cve-2015-2309...
Critical vulnerabilities in JSON Web Token libraries
More info at https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/...
PHP object injection attack vulnerability in Slim.
https://github.com/slimphp/Slim/blob/master/Slim/Middleware/SessionCookie.phpL127 Generally, it's a bad idea to blindly unserialize user-controllable input. https://www.owasp.org/index.php/PHPObjectInjection EDIT - for people who don't want to read the whole thread: The SessionCookie class is not...
Anonymous authentication in ldap_bind() function of PHP, using null byte
More info at https://framework.zend.com/security/advisory/ZF2014-05...
Security issue when parsing the Authorization header
More info at https://symfony.com/cve-2014-6061...
Arbitrary file read in dompdf
More info at https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2383/...
Cross-Site Scripting in TYPO3 Flow
More info at https://www.neos.io/blog/flow-sa-2013-001.html...
Cross-Site Scripting in TYPO3 Flow
More info at https://www.neos.io/blog/flow-sa-2013-001.html...
Routes behind a firewall are accessible even when not logged in
More info at https://symfony.com/blog/security-release-symfony-2-0-20-and-2-1-5-released...
Privilege escalation with the form generator
More info at https://contao.org/en/security-advisories/privilege-escalation-with-the-form-generator.html...
PHP Code Injection
phpWhois PHP Code Injection Vulnerability Overview phpWhois and some of its forks in versions before 5.1.0 are prone to a code injection vulnerability due to insufficient sanitization of returned WHOIS data. This allows attackers controlling the WHOIS information of a requested domain to execute...
Drupal core - Less critical - Access bypass - SA-CORE-2020-006
More info at https://www.drupal.org/sa-core-2020-006...
Possible cross-site scripting (XSS) vulnerability in the Blade templating engine
A security researcher has disclosed a possible XSS vulnerability in the Blade templating engine. Given the following two Blade templates: resources/views/parent.blade.php: html @section'content' @show resources/views/child.blade.php: html @extends'parent' @section'content' @endsection And a route...
SQL Server LIMIT / OFFSET SQL Injection
Impact Those using SQL Server with Laravel and allowing user input to be passed directly to the limit and offset functions are vulnerable to SQL injection. Other database drivers such as MySQL and Postgres are not affected by this vulnerability. Patches This problem has been patched on Laravel...
Password reset phishing vulnerability
More info at https://laravel.com/docs/5.4/releaseslaravel-5.4.22...
Drupal core - Critical - Arbitrary PHP code execution - SA-CORE-2020-005
More info at https://www.drupal.org/sa-core-2020-005...
Drupal core - Moderately critical - Cross-site scripting - SA-CORE-2020-010
More info at https://www.drupal.org/sa-core-2020-010...
CVE-2026-46626: SymfonyRuntime CVE-2024-50340 Patch Bypass: Web Requests Can Still Set APP_ENV/APP_DEBUG via parse_str/SAPI Argv Mismatch
More info at https://symfony.com/cve-2026-46626...
symfony/ux-live-component CSRF Protection Bypass: Accept Header is CORS-Safelisted
Description When using symfony/ux-live-component, methods annotated with LiveAction are invokable from the browser and mutate server-side state via AJAX. Symfony\UX\LiveComponent\EventListener\LiveComponentSubscriber::isLiveComponentRequest gated these invocations on the presence of Accept:...
symfony/ux-autocomplete XSS via unescaped AJAX response data
Description The Stimulus controller shipped with symfony/ux-autocomplete renders AJAX response items into the dropdown by interpolating the text field directly into HTML template literals $itemlabelField inside createAutocompleteWithRemoteData. The value is parsed as HTML rather than text, so any...
Command injection via malicious Perforce repository definition
Impact The Perforce::generateP4Command method constructed shell commands by interpolating user-supplied Perforce connection parameters port, user, client without proper escaping. An attacker controlling a repository configuration in a malicious composer.json declaring a Perforce VCS repository...
Laravel Reflected XSS via Route Parameter in Debug-Mode Error Page
Laravel Reflected XSS via Route Parameter in Debug-Mode Error Page Vulnerability Overview The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of route parameters in the debug-mode error page. Identifier :...
TYPO3-EXT-SA-2023-008: Broken Access Control in extension "femanager" (femanager)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-008...
Drupal core - Moderately critical - Access Bypass - SA-CORE-2022-013
More info at https://www.drupal.org/sa-core-2022-013...
TYPO3-EXT-SA-2022-014: SQL Injection in extension "LUX - TYPO3 Marketing Automation" (lux)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2022-014...
TYPO3-CORE-SA-2022-001: Information Disclosure via Export Module
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-001...
TYPO3-CORE-SA-2021-011: Cross-Site Scripting in Backend Grid View
More info at https://typo3.org/security/advisory/typo3-core-sa-2021-011...
CVE-2021-21424: Prevent user enumeration via response content in authentication mechanisms
More info at https://symfony.com/cve-2021-21424...