TYPO3-CORE-SA-2023-006: Weak Authentication in Session Handling
More info at https://typo3.org/security/advisory/typo3-core-sa-2023-006...
TYPO3-EXT-SA-2023-004: Cross-Site Scripting in extension "Faceted Search" (ke_search)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-004...
TYPO3-EXT-SA-2023-002: Persisted Cross-Site Scripting in extension "Forms Export" (frp_form_answers)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2023-002...
TYPO3-CORE-SA-2022-012: Denial of Service in Page Error Handling
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-012...
TYPO3-CORE-SA-2022-010: Cross-Site Scripting in <f:asset.css> view helper
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-010...
GHSA-47m6-46mj-p235: By-passing Cross-Site Scripting Protection in HTML Sanitizer
Meta CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C 5.7
Problem: Due to a parsing issue in the upstream package masterminds/html5, malicious markup used in a sequence with special HTML comments cannot be filtered and sanitized. This allows bypassing the cross-site scripting mechanis...
Diactoros before 2.11.1 vulnerable to HTTP Host Header Attack.
Description / Impact: Applications that use Diactoros, and are either not behind a proxy, or can be accessed via untrusted proxies, can potentially have the host, protocol, and/or port of a Laminas\Diactoros\Uri instance associated with the incoming server request modified to reflect values from...
TYPO3-CORE-SA-2022-001: Information Disclosure via Export Module
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-001...
CVE-2022-23601: CSRF token missing in forms
More info at https://symfony.com/cve-2022-23601...
Allows write operations with Directory Traversal due to inadequate checking of symbolic links
Disallow symlinks to out-of-path filenames...
TYPO3-CORE-SA-2020-011: Cleartext storage of session identifier
More info at https://typo3.org/security/advisory/typo3-core-sa-2020-011...
Possible remote code execution via unserialize() on user input containing specially crafted string
More info at https://www.yiiframework.com/news/303/yii-2-0-38...
CVE-2018-11406: CSRF Token Fixation
More info at https://symfony.com/cve-2018-11406...
CVE-2018-11385: Session Fixation Issue for Guard Authentication
More info at https://symfony.com/cve-2018-11385...
CVE-2017-16790: Ensure that submitted data are uploaded files
More info at https://symfony.com/cve-2017-16790...
CVE-2017-16653: CSRF protection does not use different tokens for HTTP and HTTPS
More info at https://symfony.com/cve-2017-16653...
REST API can bypass comment approval.
More info at https://www.drupal.org/SA-CORE-2017-004...
JSON Data encoded for use in HTML was not safe to use in IE6/IE7, possible XSS attacks
More info at https://www.yiiframework.com/news/86/yii-2-0-4-is-released/...
Anonymous authentication in ldap_bind() function of PHP, using null byte
More info at https://framework.zend.com/security/advisory/ZF2014-05...
DOS attack in FOSUserBundle login form
More info at https://symfony.com/cve-2013-5750...
Critical - Arbitrary PHP code execution
More info at https://www.drupal.org/sa-core-2019-002...
Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2020-002
More info at https://www.drupal.org/sa-core-2020-002...
Cross-site scripting (XSS) vulnerability in Paypal-Merchant-SDK-PHP
Hello: I have found a Reflected XSS vulnerability in this SDK. The vulnerability exists due to insufficient filtration of user-supplied data in the "token" HTTP GET parameter that is passed to "merchant-sdk-php\samples\AccountAuthentication\GetAuthDetails.html.php". The infected source code is li...
CVE-2019-10912: Prevent destructors with side-effects from being unserialized
More info at https://symfony.com/cve-2019-10912...
CVE-2018-14773: Remove support for legacy and risky HTTP headers
More info at https://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers...
TYPO3-EXT-SA-2025-004: Insecure Direct Object Reference in extension "Download manager" (reint_downloadmanager)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2025-004...
CVE-2024-32981 - XSS Vulnerability with text/html base64-encoded payload
More info at https://www.silverstripe.org/download/security-releases/cve-2024-32981...
phpseclib does not properly limit the ASN1 OID length
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-f2qx-66wf-wvvx. This link is maintained to preserve external references.
Original Description: An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3.x before 3.0.36. When processing the...
CVE-2023-40180 DDOS Vulnerability on GraphQL due to lack of protection against recursive queries
More info at https://www.silverstripe.org/download/security-releases/CVE-2023-40180...
CVE-2023-22729 - Open redirect vulnerability on CMSSecurity relogin screen
More info at https://www.silverstripe.org/download/security-releases/cve-2023-22729...
Cross site scripting vulnerability in Javascript escaping
Impact: An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the context of the user's browser session. This may lead to unauthorized access to sensitive user data, manipulation of the web application's behavior, or unauthorized actions performed on behalf of the...
TYPO3-CORE-SA-2022-015: Arbitrary Code Execution via Form Framework
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-015...
TYPO3-CORE-SA-2022-011: By-passing Cross-Site Scripting Protection in HTML Sanitizer
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-011...
TYPO3-CORE-SA-2022-003: Cross-Site Scripting in Form Framework
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-003...
Variable Tampering within joomla/input class
More info at https://developer.joomla.org/security-centre/876-20220307-core-variable-tampering-on-jinput-request-data.html...
Path manipulation
Description: matyhtf framework v3.0.5 is affected by a path manipulation vulnerability in Smarty.class.php. The issue was fixed in version 3.0.6.
References: https://nvd.nist.gov/vuln/detail/CVE-2021-43676 https://github.com/matyhtf/framework/issues/206 matyhtf/framework@2508460...
Possible RCE when rendering untrusted user templates
Fix CVE-2022-0323, possible RCE when rendering untrusted user templates, reported by @altm4n via huntr.dev
Improve compatibility with PHP 8.1...
TYPO3-CORE-SA-2021-015: HTTP Host Header Injection in Request Handling
More info at https://typo3.org/security/advisory/typo3-core-sa-2021-015...
TYPO3-CORE-SA-2021-014: Cross-Site-Request-Forgery in Backend URI Handling
More info at https://typo3.org/security/advisory/typo3-core-sa-2021-014...
TYPO3-CORE-SA-2021-011: Cross-Site Scripting in Backend Grid View
More info at https://typo3.org/security/advisory/typo3-core-sa-2021-011...
CVE-2020-26138 FormField: with square brackets in field name skips validation
More info at https://www.silverstripe.org/download/security-releases/cve-2020-26138...
CVE-2021-21424: Prevent user enumeration via response content in authentication mechanisms
More info at https://symfony.com/cve-2021-21424...
TYPO3-CORE-SA-2021-004: Cross-Site Scripting in Form Framework
More info at https://typo3.org/security/advisory/typo3-core-sa-2021-004...
Smarty_Internal_Runtime_TplFunction Sandbox Escape PHP Code Injection
More info at https://srcincite.io/blog/2021/02/18/smarty-template-engine-multiple-sandbox-escape-vulnerabilities.html...
template_object Sandbox Escape PHP Code Injection
More info at https://srcincite.io/blog/2021/02/18/smarty-template-engine-multiple-sandbox-escape-vulnerabilities.html...
Potential file overwrite if archive filename starts with file://
I have submitted this to the PEAR bug tracker as well as the PEAR group mailing list, and I'm not sure if either has gone through, so opening an issue here with the hope that this is the right place for it. While auditing a separate application which uses ArchiveTar internally, I found that...
TYPO3-CORE-SA-2020-012: XML External Entity in Dashboard Widget
More info at https://typo3.org/security/advisory/typo3-core-sa-2020-012...
Insecure Deserialization of untrusted data
Impact: Unserialization of untrusted data.
Patches: The issue has been patched and users of Requests 1.6.0, 1.6.1 and 1.7.0 should update to version 1.8.0.
References: Publications about the vulnerability:...
SQL injection relating to searching
More info at https://www.phpmyadmin.net/security/PMASA-2020-3/...