Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Nystudio107Seomatic*

3 matches found

CVE
CVEadded 2022/06/12 11:15 a.m.105 views

CVE-2021-41749

In the SEOmatic plugin up to 3.4.11 for Craft CMS 3, it is possible for unauthenticated attackers to perform a Server-Side Template Injection, allowing for remote code execution.

9.8CVSS9.8AI score0.85603EPSS
CVE
CVEadded 2018/08/06 8:29 p.m.55 views

CVE-2018-14716

A Server Side Template Injection (SSTI) was discovered in the SEOmatic plugin before 3.1.4 for Craft CMS, because requests that don't match any elements incorrectly generate the canonicalUrl, and can lead to execution of Twig code.

7.5CVSS7.6AI score0.73346EPSS
CVE
CVEadded 2020/05/11 7:15 p.m.44 views

CVE-2020-12790

In the SEOmatic plugin before 3.2.49 for Craft CMS, helpers/DynamicMeta.php does not properly sanitize the URL. This leads to Server-Side Template Injection and credentials disclosure via a crafted Twig template after a semicolon.

7.5CVSS7.4AI score0.00458EPSS