1702 matches found
TYPO3-CORE-SA-2022-016: Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-016...
TYPO3-EXT-SA-2022-015: Broken Access Control in extension "femanager" (femanager)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2022-015...
CVE-2022-38724 - XSS in shortcodes
More info at https://www.silverstripe.org/download/security-releases/cve-2022-38724...
CVE-2021-41270: Prevent CSV Injection via formulas
More info at https://symfony.com/cve-2021-41270...
CVE-2021-21424: Prevent user enumeration via response content in authentication mechanisms
More info at https://symfony.com/cve-2021-21424...
TYPO3-CORE-SA-2021-008: Cross-Site Scripting in Content Preview
More info at https://typo3.org/security/advisory/typo3-core-sa-2021-008...
Remote code execution
Hello, as discussed by email, this fixes a serious vulnerability. Hopefully my code is OK-ish...
CVE-2020-15227: Potential Remote Code Execution vulnerability
More info at https://blog.nette.org/en/cve-2020-15227-potential-remote-code-execution-vulnerability...
Relative Path Traversal (CWE-23) in chunked uploads
Impact The vulnerability was identified in the web service for a chunked file upload. While the names of the POST parameters vary with the used frontend, their values are always used in the same way to build a path where the chunks are stored and assembled temporarily. By not validating these...
Unexpected bindings in QueryBuilder
More info at https://blog.laravel.com/security-laravel-62011-7302-8221-released...
PRODSECBUG-2376: Remote code execution through crafted page layout and image data
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
PRODSECBUG-2470: Remote Code Execution in email templates
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
PRODSECBUG-2485: Information Disclosure via File upload functionality
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
PRODSECBUG-2380: Stored cross-site scripting in the Currency Symbols field
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23...
PRODSECBUG-2375: Arbitrary code execution via malicious XML layouts
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13...
PRODSECBUG-2317: Stored cross-site scripting in admin panel
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23...
PRODSECBUG-2275: Unsafe functionality is exposed via email templates manipulation
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13...
PRODSECBUG-2299: Stored cross-site scripting in the admin panel
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13...
PRODSECBUG-2220: Deletion of store design schedule via cross-site request forgery (CSRF)
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33...
XSS vulnerability with double-encoded entities
An XSS vulnerability CVE-2019-10010 has been identified in all previous versions of this library 0.18.2 and below. The issue has been fixed in version 0.18.3. All users should upgrade to version 0.18.3 immediately. Additionally, if your application caches the resulting HTML, please purge and/or...
Cross-Site Scripting in Bootstrap CSS toolkit
More info at https://typo3.org/security/advisory/typo3-core-sa-2019-006...
Cross-site scripting (XSS) vulnerability in flashmediaelement.swf in MediaElement.js before 2.11.2 (see CVE-2013-1967)
More info at https://contao.org/en/news/contao-3515.html...
CVE-2016-2403: Unauthorized access on a misconfigured Ldap server when using an empty password
More info at https://symfony.com/cve-2016-2403...
Security Misconfiguration Vulnerability in the AWS SDK for PHP
SECURITY FIX: This release addresses a security issue associated with CVE-2015-5723, specifically, fixes improper default directory umask behavior that could potentially allow unauthorized modifications of PHP code. Thanks to @ryan-lane for the initial report. Aws\Ec2 - Added support for...
CVE-2019-18886: Prevent user enumeration using switch user functionality
More info at https://symfony.com/cve-2019-18886...
Stored XSS vulnerability on Bounce Management Callback
Impact Insufficient sanitization / filtering allows for arbitrary JavaScript Injection in Mautic using the bounce management callback function. The values submitted in the "error" and "errorrelatedto" parameters of the POST request of the bounce management callback will be permanently stored and...
PHPMemcachedAdmin Path Traversal vulnerability
More info at https://nvd.nist.gov/vuln/detail/CVE-2023-6026...
Unrestricted file uploads
More info at https://contao.org/en/security-advisories/unrestricted-file-uploads.html...
TYPO3-EXT-SA-2023-007: Broken Access Control in extension "hCaptcha for EXT:form" (hcaptcha)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-007...
CVE-2022-23556: Attackers may spoof IP address when using proxy
Impact This vulnerability may allow attackers to spoof their IP address when your server is behind a reverse proxy. Patches Upgrade to v4.2.11 or later, and configure Config\App::$proxyIPs. Workarounds Do not use $request-getIPAddress. References -...
TYPO3-EXT-SA-2022-016: Insufficient Session Expiration after Password Change in extension "Change password for frontend users" (fe_change_pwd)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2022-016...
URL Redirection to Untrusted Site ('Open Redirect')
Impact Releases prior to 3.0.1 are vulnerable to an open redirect vulnerability that allows an attacker to construct a URL that redirects to an arbitrary external domain. Patches 3.0.1 contains a fix for this vulnerability. The 1.x and 2.x releases are not maintained anymore. References...
CVE-2022-21647: Deserialization of Untrusted Data in Codeigniter4
Description Impact Deserialization of Untrusted Data was found in the old function in CodeIgniter4. Remote attackers may inject auto-loadable arbitrary objects with this vulnerability, and possibly execute existing PHP code on the server. We are aware of a working exploit, which can lead to SQL...
CVE-2022-38147 - XSS via uploaded gpx file
More info at https://www.silverstripe.org/download/security-releases/cve-2022-38147...
CVE-2022-38462 - Reflected XSS in querystring parameters
More info at https://www.silverstripe.org/download/security-releases/cve-2022-38462...
CVE-2021-41106: File reference keys leads to incorrect hashes on HMAC algorithms
Impact Users of HMAC-based algorithms HS256, HS384, and HS512 combined with Lcobucci\JWT\Signer\Key\LocalFileReference as key are having their tokens issued/validated using the file path as hashing key - instead of the contents. The HMAC hashing functions take any string as input and, since users...
Object injection via local phar file
This is a security release. SECURITY Fixes CVE-2020-36326, a regression of CVE-2018-19296 object injection introduced in 6.1.8, see SECURITY.md for details Reject more file paths that look like URLs, matching RFC3986 spec, blocking URLS using schemes such as ssh2 Ensure method signature consisten...
Parsoid comment fostering allows for inserting mostly arbitrary <meta> tags
More info at https://phabricator.wikimedia.org/T279451...
TYPO3-CORE-SA-2020-010: Cross-Site Scripting in Fluid view helpers
More info at https://typo3.org/security/advisory/typo3-core-sa-2020-010...
Sensitive Information Disclosure in extension "Media Content Element" (mediace)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2020-014...
Directory Traversal on ZIP extraction
More info at https://typo3.org/security/advisory/typo3-core-sa-2019-024...
PRODSECBUG-2290: Cross-Site Scripting via admin panel
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
PRODSECBUG-2366: Stored cross-site scripting in the admin panel
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13...
PRODSECBUG-2317: Stored cross-site scripting in admin panel
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23...
PRODSECBUG-2353: Stored cross-site scripting in the admin panel
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23...
PRODSECBUG-2171: Insecure token implementation leads to Cross-Site Request Forgery (CSRF)
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33...
PRODSECBUG-2387: Cross site request forgery attacks are possible via the gift card removal feature
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33...
SUPEE-11086 - RCE, XSS, CSRF and other vulnerabilities
More info at https://magento.com/security/patches/supee-11086...
Potential SQL injection in methods `yii\db\ActiveRecord::findOne()` and `::findAll()`
More info at https://www.yiiframework.com/news/168/releasing-yii-2-0-15-and-database-extensions-with-security-fixes/...
A logged in back end user can include arbitrary existing PHP files by manipulating an URL parameter
More info at https://contao.org/en/news/contao-441.html...