1702 matches found
Drupal core - Moderately critical - Multiple Vulnerabilities - SA-CORE-2019-005
More info at https://www.drupal.org/sa-core-2019-005...
Unrestricted file uploads
More info at https://contao.org/en/security-advisories/unrestricted-file-uploads.html...
Cross-site scripting (XSS) vulnerability in the system log
More info at https://contao.org/en/security-advisories/cross-site-scripting-in-the-system-log-2021.html...
Cross site scripting via HTML attributes in the back end
More info at https://contao.org/en/security-advisories/cross-site-scripting-via-html-attributes-in-the-back-end.html...
CVE-2020-5220: Ability to define unintended serialisation groups via HTTP header which might lead to data exposure
Impact ResourceBundle accepts and uses any serialisation groups to be passed via a HTTP header. This might lead to data exposure by using an unintended serialisation group - for example it could make Shop API use a more permissive group from Admin API. Anyone exposing an API with ResourceBundle's...
CVE-2020-15146: Remote Code Execution in OptionsParser while using request parameters inside expression language
Impact Request parameters injected inside an expression evaluated by symfony/expression-language package haven't been sanitized properly. This allows the attacker to access any public service by manipulating that request parameter, allowing for Remote Code Execution. The vulnerable versions...
TYPO3-EXT-SA-2024-003: Multiple vulnerabilities in "Events 2" (events2)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2024-003...
CVE-2023-25575: Secured properties may be accessible within collections
Impact Resource properties secured with the security option of the ApiPlatform\Metadata\ApiProperty attribute can be disclosed to unauthorized users. The problem affects most serialization formats, including raw JSON, which is enabled by default when installing API Platform. Custom serialization...
TYPO3-CORE-SA-2022-017: By-passing Cross-Site Scripting Protection in HTML Sanitizer
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-017...
TYPO3-CORE-SA-2022-002: Information Disclosure via Exception Handling/Logger
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-002...
CVE-2022-21647: Deserialization of Untrusted Data in Codeigniter4
Description Impact Deserialization of Untrusted Data was found in the old function in CodeIgniter4. Remote attackers may inject auto-loadable arbitrary objects with this vulnerability, and possibly execute existing PHP code on the server. We are aware of a working exploit, which can lead to SQL...
CVE-2021-28661 Default GraphQL permission checker not inherited by query subclass
More info at https://www.silverstripe.org/download/security-releases/CVE-2021-28661...
TYPO3-CORE-SA-2021-003: Broken Access Control in Form Framework
More info at https://typo3.org/security/advisory/typo3-core-sa-2021-003...
TYPO3-CORE-SA-2021-001: Open Redirection in Login Handling
More info at https://typo3.org/security/advisory/typo3-core-sa-2021-001...
TYPO3-CORE-SA-2020-007: Potential Privilege Escalation
More info at https://typo3.org/security/advisory/typo3-core-sa-2020-007...
TYPO3-CORE-SA-2020-003: Cross-Site Scripting in Link Handling
More info at https://typo3.org/security/advisory/typo3-core-sa-2020-003...
CVE-2019-19325: XSS through non-scalar FormField attributes
More info at https://www.silverstripe.org/download/security-releases/cve-2019-19325/...
SQL injection relating to searching
More info at https://www.phpmyadmin.net/security/PMASA-2020-3/...
CVE-2019-16409: Secureassets and versionedfiles modules can expose versions of protected files
More info at https://www.silverstripe.org/download/security-releases/cve-2019-16409/...
Critical - Access bypass
More info at https://www.drupal.org/sa-core-2019-008...
PRODSECBUG-2183: Stored cross-site scripting in admin panel
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23...
PRODSECBUG-2300: Information about disabled products can be leaked due to inadequate validation checks
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23...
PRODSECBUG-2202: Security bypass via form data injection
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13...
PRODSECBUG-2095: Defense-in-depth session validation check implemented
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33...
PRODSECBUG-2371: Stored cross-site scripting in the admin panel
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23...
PRODSECBUG-2222: Deletion of user roles via cross-site request forgery (CSRF)
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13...
PRODSECBUG-2339: Arbitrary code execution due to unsafe handling of a carrier gateway
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13...
PRODSECBUG-2325: Denial-of-service by forcing a store to respond with a 404 error
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13...
PHP Code Injection
phpWhois PHP Code Injection Vulnerability Overview phpWhois and some of its forks in versions before 5.1.0 are prone to a code injection vulnerability due to insufficient sanitization of returned WHOIS data. This allows attackers controlling the WHOIS information of a requested domain to execute...
CVE-2018-11406: CSRF Token Fixation
More info at https://symfony.com/cve-2018-11406...
CVE-2017-16652: Open redirect vulnerability on security handlers
More info at https://symfony.com/cve-2017-16652...
Remote Code Execution
SECURITY Critical security update for CVE-2016-10033 please update now! Thanks to Dawid Golunski. - Add ability to extract the SMTP transaction ID from some common SMTP success messages - Minor documentation tweaks...
Drupal Core - Highly Critical - Injection - SA-CORE-2016-003
More info at https://www.drupal.org/SA-CORE-2016-003...
File upload access bypass and denial of service
More info at https://www.drupal.org/SA-CORE-2016-001...
Code injection in the way Symfony implements translation caching in FrameworkBundle
More info at https://symfony.com/blog/security-releases-cve-2014-4931-symfony-2-3-18-2-4-8-and-2-5-2-released...
CVE-2024-50340: Ability to change environment from query
More info at https://symfony.com/cve-2024-50340...
Denial of Service via HTTP/2 CONTINUATION Frames
Early versions of amphp/http-client with HTTP/2 support v4.0.0-rc10 to 4.0.0 will collect HTTP/2 CONTINUATION frames in an unbounded buffer and will not check the header size limit until it has received the ENDHEADERS flag, resulting in an OOM crash. Later versions of amphp/http-client v4.1.0-rc1...
Laravel environment manipulation via query string
Description When the registerargcargv php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment used by the framework when handling the request. Resolution The framework now ignores argv values for environment detection on...
CVE-2023-49783 No permission checks for editing or deleting records with CSV import form
More info at https://www.silverstripe.org/download/security-releases/CVE-2023-49783...
Improper header validation
Impact Improper header parsing. An attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will also accept \n\n. Patches The issue is patched in 1.9.1 and 2.4.5...
TYPO3-EXT-SA-2023-003: Cross-Site Scripting in extension "Fluid Components" (fluid_components)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-003...
CVE-2023-28104 DDOS attack on graphql endpoints
More info at https://www.silverstripe.org/download/security-releases/CVE-2023-28104...
TYPO3-CORE-SA-2022-012: Denial of Service in Page Error Handling
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-012...
Possibility to load a template outside a configured directory when using the filesystem loader
More info at https://symfony.com/blog/twig-security-release-possibility-to-load-a-template-outside-a-configured-directory-when-using-the-filesystem-loader...
TYPO3-CORE-SA-2022-009: Stored Cross-Site Scripting via FileDumpController
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-009...
TYPO3-CORE-SA-2022-007: User Enumeration via Response Timing
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-007...
TYPO3-CORE-SA-2022-003: Cross-Site Scripting in Form Framework
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-003...
Cross-domain cookie leakage
Impact Previous version of Guzzle contain a vulnerability with the cookie middleware. The vulnerability is that it is not checked if the cookie domain equals the domain of the server which sets the cookie via the Set-Cookie header, allowing a malicious server to set cookies for unrelated domains...
PHP Code Injection by malicious block or filename
Impact Template authors could inject php code by choosing a malicous block name or include file name. Sites that cannot fully trust template authors should update asap. Patches Please upgrade to the most recent version of Smarty v3 or v4. Workarounds Is there a way for users to fix or remediate t...
A cross-site scripting vulnerability
Impact SVG sanitizer library before version 0.15.0 did not remove HTML elements wrapped in a CDATA section. As a result, SVG content embedded in HTML fetched as text/html was susceptible to cross-site scripting. Plain SVG files fetched as image/svg+xml were not affected. Patches This issue is fix...