1702 matches found
Backend: Non-Persistent Cross-Site Scripting
More info at https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009/...
XXE/XEE vector when using ZendXml on multibyte payloads
More info at https://framework.zend.com/security/advisory/ZF2015-06...
Attackers able to impersonate users
There was a problem hiding this comment. Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. Choose a reason Spam Abuse Off Topic Outdated Duplicate Resolved Hide comment For reference, this issue has been assigned ID CVE-2015-2964...
Potential SQL injection in PostgreSQL Zend\Db adapter
More info at https://framework.zend.com/security/advisory/ZF2015-02...
Failing to properly encode user input, several backend components are susceptible to XSS
More info at https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/...
PHP remote file inclusion vulnerability in dompdf.php
This release is superseded by version 0.7.0 This is a security-focused release that addresses a number of vulnerabilities that can expose your system to exploitation. In tandem with this release we have also posted a document to the wiki with advice for securing dompdf. Please read the new docume...
XML External Entity (XXE) issue
thanks to Kousuke Ebihara for the report and patch...
Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
There was a problem hiding this comment. Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. Choose a reason Spam Abuse Off Topic Outdated Duplicate Resolved Hide comment I'm afraid this change is wrong. fileexists is not the only...
Deserialization of Untrusted Data
Description This affects the package codeception/codeception from 4.0.0 before 4.1.22 and before 3.1.3. The RunProcess class can be leveraged as a gadget to run arbitrary commands on a system that is deserializing user input without validation. References...
Unrestricted file uploads
More info at https://contao.org/en/security-advisories/unrestricted-file-uploads.html...
CVE-2023-46733: Possible session fixation
More info at https://symfony.com/cve-2023-46733...
CVE-2019-10909: Escape validation messages in the PHP templating engine
More info at https://symfony.com/cve-2019-10909...
CVE-2023-46734: Potential XSS vulnerabilities in CodeExtension filters
More info at https://symfony.com/cve-2023-46734...
Critical - Remote Code Execution
More info at https://www.drupal.org/sa-core-2018-004...
Drupal core - Moderately critical - Cross-site scripting - SA-CORE-2020-007
More info at https://www.drupal.org/sa-core-2020-007...
CVE-2024-32981 - XSS Vulnerability with text/html base64-encoded payload
More info at https://www.silverstripe.org/download/security-releases/cve-2024-32981...
TYPO3-CORE-SA-2023-006: Weak Authentication in Session Handling
More info at https://typo3.org/security/advisory/typo3-core-sa-2023-006...
TYPO3-EXT-SA-2022-017: Multiple vulnerabilities in extension "Newsletter subscriber management" (fp_newsletter)
More info at https://typo3.org/security/advisory/typo3-ext-sa-2022-017...
TYPO3-CORE-SA-2022-001: Information Disclosure via Export Module
More info at https://typo3.org/security/advisory/typo3-core-sa-2022-001...
Remote code injection via remote fonts
Dompdf is an HTML to PDF converter. Dompdf before 1.2.1 allows remote code execution via a .php file in the src:url field of an @font-face Cascading Style Sheets CSS statement within an HTML input file...
Possible RCE when rendering untrusted user templates
Fix CVE-2022-0323, possible RCE when rendering untrusted user templates, reported by @altm4n via huntr.dev Improve compatibility with PHP 8.1...
CVE-2022-37430 - Stored XSS using uppercase characters in HTMLEditor
More info at https://www.silverstripe.org/download/security-releases/cve-2022-37430...
Image upload bypass
By default Debian includes support for executing .phar files alongside .php and .phtml files, and should be included in the blocked list. See: https://salsa.debian.org/php-team/php/-/blob/debian/main/7.4/debian/php-cgi.confL5-7 This should also be backported into all currently supported versions ...
TYPO3-CORE-SA-2021-014: Cross-Site-Request-Forgery in Backend URI Handling
More info at https://typo3.org/security/advisory/typo3-core-sa-2021-014...
TYPO3-CORE-SA-2021-011: Cross-Site Scripting in Backend Grid View
More info at https://typo3.org/security/advisory/typo3-core-sa-2021-011...
TYPO3-CORE-SA-2020-012: XML External Entity in Dashboard Widget
More info at https://typo3.org/security/advisory/typo3-core-sa-2020-012...
Possible remote code execution via unserialize() on user input containing specially crafted string
More info at https://www.yiiframework.com/news/303/yii-2-0-38...
CVE-2020-15227: Potential Remote Code Execution vulnerability
More info at https://blog.nette.org/en/cve-2020-15227-potential-remote-code-execution-vulnerability...
CVE-2020-5275: All rules set in "access_control" are required when the firewall is configured with the unanimous strategy
More info at https://symfony.com/cve-2020-5275...
PRODSECBUG-2342: Cross-Site Scripting mitigation bypass
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
PRODSECBUG-2448: Cross side scripting via admin panel dashboard
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
PRODSECBUG-2424: SQL injection when accessing group data in email templates
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
PRODSECBUG-2456: Broken authentication and session managememt
More info at https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update...
PRODSECBUG-2128: Stored Cross Site Scripting in the Admin Panel through the tax/notification/info_url setting
More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23...
API responses for unpatrolled or (not) autopatrolled recent changes require privileges but may be cached publicly
More info at https://phabricator.wikimedia.org/T212118...
The CSRF token check can be bypassed
More info at https://contao.org/en/news/security-vulnerability-cve-2019-10642.html...
CVE-2018-11407: Unauthorized access on a misconfigured LDAP server when using an empty password
More info at https://symfony.com/cve-2018-11407...
CVE-2018-11406: CSRF Token Fixation
More info at https://symfony.com/cve-2018-11406...
Potential remote code execution in LUA context of the redis server via methods `yii\redis\ActiveRecord::findOne()` and `::findAll()`
More info at https://www.yiiframework.com/news/168/releasing-yii-2-0-15-and-database-extensions-with-security-fixes/...
JavaScript cross-site scripting prevention is incomplete.
More info at https://www.drupal.org/SA-CORE-2018-001...
External link injection on 404 pages when linking to the current page.
More info at https://www.drupal.org/SA-CORE-2018-001...
CVE-2017-16654: Intl bundle readers breaking out of paths
More info at https://symfony.com/cve-2017-16654...
CVE-2017-16790: Ensure that submitted data are uploaded files
More info at https://symfony.com/cve-2017-16790...
REST API can bypass comment approval.
More info at https://www.drupal.org/SA-CORE-2017-004...
Drupal Core - Highly Critical - Injection - SA-CORE-2016-003
More info at https://www.drupal.org/SA-CORE-2016-003...
HTTP Proxy header vulnerability
Addressing HTTPPROXY security vulnerability, CVE-2016-5385: https://httpoxy.org/. Please update to this version of Guzzle in order to mitigate the vulnerability when sending Guzzle requests inside of a CGI application. - Fixing timeout bug with StreamHandler - Only read up to Content-Length in...
CVE-2016-4423: Large username storage in session
More info at https://symfony.com/cve-2016-4423...
Local File Disclosure
SECURITY Fix CVE-2017-5223, local file disclosure vulnerability if content passed to msgHTML is sourced from unfiltered user input. Reported by Yongxiang Li of Asiasecurity. The fix for this means that calls to msgHTML without a $basedir will not import images with relative URLs, and relative...
Anonymous authentication in ldap_bind() function of PHP, using null byte
More info at https://framework.zend.com/security/advisory/ZF2014-05...
CSRF vulnerability in the Web Profiler
More info at https://symfony.com/cve-2014-6072...