1702 matches found
Cross-domain cookie leakage
Impact Previous version of Guzzle contain a vulnerability with the cookie middleware. The vulnerability is that it is not checked if the cookie domain equals the domain of the server which sets the cookie via the Set-Cookie header, allowing a malicious server to set cookies for unrelated domains...
A cross-site scripting vulnerability
Impact SVG sanitizer library before version 0.15.0 did not remove HTML elements wrapped in a CDATA section. As a result, SVG content embedded in HTML fetched as text/html was susceptible to cross-site scripting. Plain SVG files fetched as image/svg+xml were not affected. Patches This issue is fix...
TYPO3-CORE-SA-2021-013: Cross-Site Scripting via Rich-Text Content
More info at https://typo3.org/security/advisory/typo3-core-sa-2021-013...
TYPO3-CORE-SA-2021-002: Unrestricted File Upload in Form Framework
More info at https://typo3.org/security/advisory/typo3-core-sa-2021-002...
Allows write operations with Directory Traversal due to inadequate checking of symbolic links
Disallow symlinks to out-of-path filenames...
CVE-2020-15094: Prevent RCE when calling untrusted remote with CachingHttpClient
More info at https://symfony.com/cve-2020-15094...
TYPO3-CORE-SA-2020-008: Sensitive Information Disclosure
More info at https://typo3.org/security/advisory/typo3-core-sa-2020-008...
TYPO3-CORE-SA-2020-004: Class destructors causing side-effects when being unserialized
More info at https://typo3.org/security/advisory/typo3-core-sa-2020-004...
CVE-2020-5274: Fix Exception message escaping rendered by ErrorHandler
More info at https://symfony.com/cve-2020-5274...
SQL Injection in low-level Query Generator
More info at https://typo3.org/security/advisory/typo3-core-sa-2019-025...
PRODSECBUG-2407: Remote code execution due to unsafe PHP archieve deserialization in the import functionality
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
PRODSECBUG-2469: Remote Code Execution in email templates
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
PRODSECBUG-2344: Cross-Site Scripting via wysiwyg editor
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
Possible deserialization side-effects in symfony/cache
More info at https://typo3.org/security/advisory/typo3-core-sa-2019-016...
Possible deserialization side-effects in symfony/cache
More info at https://typo3.org/security/advisory/typo3-core-sa-2019-016...
Insecure Deserialization in TYPO3 CMS
More info at https://typo3.org/security/advisory/typo3-core-sa-2019-020...
PRODSECBUG-2266: Arbitrary code execution through malicious elastic search module configuration
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13...
PRODSECBUG-2226: Stored cross-site scripting in the admin panel
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23...
PRODSECBUG-2182: Reflected cross-site scripting in the admin panel.
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13...
PRODSECBUG-2306: Remote code execution through crafted email templates
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13...
Potential RCE if filename starts with phar://
More info at https://pear.php.net/bugs/bug.php?id=23782...
Reflected file download vulnerability
More info at https://www.drupal.org/SA-CORE-2016-001...
Saving user accounts can sometimes grant the user all roles
More info at https://www.drupal.org/SA-CORE-2016-001...
Anonymous authentication in ldap_bind() function of PHP, using null byte
More info at https://framework.zend.com/security/advisory/ZF2014-05...
PHP remote file inclusion vulnerability in dompdf.php
This release is superseded by version 0.7.0 This is a security-focused release that addresses a number of vulnerabilities that can expose your system to exploitation. In tandem with this release we have also posted a document to the wiki with advice for securing dompdf. Please read the new docume...
XML External Entity (XXE) issue
disable external XML entities and libxml errors thanks to Kousuke Ebihara for the report and patch...
Ability to enable/disable PHP parsing in Yaml::parse()
More info at https://symfony.com/blog/security-release-symfony-2-0-22-and-2-1-7-released...
Guard bypass in Eloquent models
More info at https://blog.laravel.com/security-release-laravel-61834-7232...
CVE-2026-46626: SymfonyRuntime CVE-2024-50340 Patch Bypass: Web Requests Can Still Set APP_ENV/APP_DEBUG via parse_str/SAPI Argv Mismatch
More info at https://symfony.com/cve-2026-46626...
PHP Code Injection
phpWhois PHP Code Injection\nVulnerability Overview\nphpWhois and some of its forks in versions before 5.1.0 are prone to a\ncode injection vulnerability due to insufficient sanitization of returned\nWHOIS data. This allows attackers controlling the WHOIS information of a\nrequested domain to...
Github Actions issued GITHUB_TOKEN disclosure in GitHub Actions logs
Summary Composer leaks the full contents of tokens configured as GitHub OAuth tokens if they do not match Composer's expected format for such tokens to stderr. GitHub has introduced a new format for GitHub Actions GITHUBTOKEN values. These tokens are validated in the same way by Composer on GitHu...
CVE-2023-46735: Potential XSS in WebhookController
More info at https://symfony.com/cve-2023-46735...
ReactPHP's HTTP server continues parsing unused multipart parts after reaching limits
Summary Previous versions of ReactPHP's HTTP server component contain a potential DoS vulnerability that can cause high CPU load when processing large HTTP request bodies. This vulnerability has little to no impact on the default configuration, but can be exploited when explicitly using the...
CVE-2022-24894: Prevent storing cookie headers in HttpCache
More info at https://symfony.com/cve-2022-24894...
smarty_function_mailto - JavaScript injection in eval function
I found a bug in the Smarty package, specifically in the smartyfunctionmailto$params function. Remote exploitation of such vulnerability is unlikely, but it is still advisable to take it into account. A web page that uses this function and that could be parameterized using GET or POST input...
TYPO3-CORE-SA-2022-008: Missing check for expiration time of password reset token for backend users
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-008...
CVE-2021-41559: Quadratic blowup in Convert::xml2array()
More info at https://www.silverstripe.org/download/security-releases/cve-2021-41559...
Path Traversal within joomla/archive tar class
More info at https://developer.joomla.org/security-centre/870-20220301-core-zip-slip-within-the-tar-extractor.html...
Remote code injection via remote fonts
Dompdf is an HTML to PDF converter. Dompdf before 1.2.1 allows remote code execution via a .php file in the src:url field of an @font-face Cascading Style Sheets CSS statement within an HTML input file...
Access to restricted PHP code by dynamic static class access
Impact Template authors could run restricted static php methods. Patches Please upgrade to 3.1.40 or higher. References See the documentation on Smarty security features on the staticclasses access filter. For more information If you have any questions or comments about this advisory please open ...
CVE-2022-21647: Deserialization of Untrusted Data in Codeigniter4
Impact Deserialization of Untrusted Data was found in the old function in CodeIgniter4. Remote attackers may inject auto-loadable arbitrary objects with this vulnerability, and possibly execute existing PHP code on the server. We are aware of a working exploit, which can lead to SQL injection...
CVE-2022-38148 - Blind SQL Injection via GridFieldSortableHeader
More info at https://www.silverstripe.org/download/security-releases/cve-2022-38148...
TYPO3-CORE-SA-2021-010: Cross-Site Scripting in Query Generator & Query View
More info at https://typo3.org/security/advisory/typo3-core-sa-2021-010...
CVE-2021-21424: Prevent user enumeration via response content in authentication mechanisms
More info at https://symfony.com/cve-2021-21424...
Insecure Deserialization of untrusted data
Description Impact Unserialization of untrusted data. Patches The issue has been patched and users of Requests 1.6.0, 1.6.1 and 1.7.0 should update to version 1.8.0. References Publications about the vulnerability:...
CVE-2020-15227: Potential Remote Code Execution vulnerability
More info at https://blog.nette.org/en/cve-2020-15227-potential-remote-code-execution-vulnerability...
SQL injection relating to data display
More info at https://www.phpmyadmin.net/security/PMASA-2020-4/...
Insert tag injection in the login module
More info at https://contao.org/en/security-advisories/insert-tag-injection-in-the-login-module.html...
PRODSECBUG-2223: Remote code execution when using functionality that imports a new product
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
PRODSECBUG-2430: Security bypass via crafted SOAP requests
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13...