Total
62 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-24724 | 2024-11-21 | 9.8 Critical | ||
| Gibbon through 26.0.00 allows /modules/School%20Admin/messengerSettings.php Server Side Template Injection leading to Remote Code Execution because input is passed to the Twig template engine (messengerSettings.php) without sanitization. | ||||
| CVE-2023-6709 | 1 Lfprojects | 1 Mlflow | 2024-11-21 | 8.8 High |
| Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository mlflow/mlflow prior to 2.9.2. | ||||
| CVE-2023-46245 | 1 Kimai | 1 Kimai | 2024-11-21 | 7.2 High |
| Kimai is a web-based multi-user time-tracking application. Versions prior to 2.1.0 are vulnerable to a Server-Side Template Injection (SSTI) which can be escalated to Remote Code Execution (RCE). The vulnerability arises when a malicious user uploads a specially crafted Twig file, exploiting the software's PDF and HTML rendering functionalities. Version 2.1.0 enables security measures for custom Twig templates. | ||||
| CVE-2023-41047 | 1 Octoprint | 1 Octoprint | 2024-11-21 | 6.2 Medium |
| OctoPrint is a web interface for 3D printers. OctoPrint versions up until and including 1.9.2 contain a vulnerability that allows malicious admins to configure a specially crafted GCODE script that will allow code execution during rendering of that script. An attacker might use this to extract data managed by OctoPrint, or manipulate data managed by OctoPrint, as well as execute arbitrary commands with the rights of the OctoPrint process on the server system. OctoPrint versions from 1.9.3 onward have been patched. Administrators of OctoPrint instances are advised to make sure they can trust all other administrators on their instance and to also not blindly configure arbitrary GCODE scripts found online or provided to them by third parties. | ||||
| CVE-2023-27995 | 1 Fortinet | 1 Fortisoar | 2024-11-21 | 7.2 High |
| A improper neutralization of special elements used in a template engine vulnerability in Fortinet FortiSOAR 7.3.0 through 7.3.1 allows an authenticated, remote attacker to execute arbitrary code via a crafted payload. | ||||
| CVE-2022-27662 | 1 F5 | 1 Traffix Signaling Delivery Controller | 2024-11-21 | 4.8 Medium |
| On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Template Injection vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute template language-specific instructions in the context of the server. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | ||||
| CVE-2022-25813 | 1 Apache | 1 Ofbiz | 2024-11-21 | 7.5 High |
| In Apache OFBiz, versions 18.12.05 and earlier, an attacker acting as an anonymous user of the ecommerce plugin, can insert a malicious content in a message “Subject” field from the "Contact us" page. Then a party manager needs to list the communications in the party component to activate the SSTI. A RCE is then possible. | ||||
| CVE-2022-0944 | 1 Sqlpad | 1 Sqlpad | 2024-11-21 | 7.2 High |
| Template injection in connection test endpoint leads to RCE in GitHub repository sqlpad/sqlpad prior to 6.10.1. | ||||
| CVE-2022-0896 | 1 Microweber | 1 Microweber | 2024-11-21 | 8.8 High |
| Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository microweber/microweber prior to 1.3. | ||||
| CVE-2022-0323 | 1 Mustache Project | 1 Mustache | 2024-11-21 | 8.8 High |
| Improper Neutralization of Special Elements Used in a Template Engine in Packagist mustache/mustache prior to 2.14.1. | ||||
| CVE-2021-4315 | 1 Psiturk | 1 Psiturk | 2024-11-21 | 5.5 Medium |
| A vulnerability has been found in NYUCCL psiTurk up to 3.2.0 and classified as critical. This vulnerability affects unknown code of the file psiturk/experiment.py. The manipulation of the argument mode leads to improper neutralization of special elements used in a template engine. The exploit has been disclosed to the public and may be used. Upgrading to version 3.2.1 is able to address this issue. The name of the patch is 47787e15cecd66f2aa87687bf852ae0194a4335f. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-219676. | ||||
| CVE-2021-39128 | 1 Atlassian | 2 Jira Data Center, Jira Server | 2024-11-21 | 7.2 High |
| Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon allow remote attackers with JIRA Administrators access to execute arbitrary Java code via a server-side template injection vulnerability in the Email Template feature. The affected versions of Jira Server or Data Center are before version 8.13.12, and from version 8.14.0 before 8.19.1. | ||||
| CVE-2024-52434 | 1 Supsystic | 1 Popup | 2024-11-20 | 9.1 Critical |
| Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic Popup by Supsystic allows Command Injection.This issue affects Popup by Supsystic: from n/a through 1.10.29. | ||||
| CVE-2024-52427 | 2 Saso Nikolov, Vollstart | 2 Event Tickets With Ticket Scanner, Event Tickets With Ticket Scanner | 2024-11-20 | 9.9 Critical |
| Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Saso Nikolov Event Tickets with Ticket Scanner allows Server Side Include (SSI) Injection.This issue affects Event Tickets with Ticket Scanner: from n/a through 2.3.11. | ||||
| CVE-2024-39766 | 1 Intel | 1 Neural Compressor Software | 2024-11-15 | 7 High |
| Improper neutralization of special elements used in SQL command in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-48042 | 1 Supsystic | 1 Contact Form | 2024-10-16 | 9.1 Critical |
| Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic Contact Form by Supsystic allows Command Injection.This issue affects Contact Form by Supsystic: from n/a through 1.7.28. | ||||
| CVE-2024-46366 | 1 Webkul | 1 Krayin Crm | 2024-09-30 | 8.8 High |
| A Client-side Template Injection (CSTI) vulnerability in Webkul Krayin CRM 1.3.0 allows remote attackers to execute arbitrary client-side template code by injecting a malicious payload during the lead creation process. This can lead to privilege escalation when the payload is executed, granting the attacker elevated permissions within the CRM system. | ||||
| CVE-2024-6386 | 1 Wpml | 1 Wpml | 2024-09-27 | 9.9 Critical |
| The WPML plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.6.12 via the Twig Server-Side Template Injection. This is due to missing input validation and sanitization on the render function. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server. | ||||
| CVE-2024-45053 | 1 Ethyca | 1 Fides | 2024-09-06 | 9.1 Critical |
| Fides is an open-source privacy engineering platform. Starting in version 2.19.0 and prior to version 2.44.0, the Email Templating feature uses Jinja2 without proper input sanitization or rendering environment restrictions, allowing for Server-Side Template Injection that grants Remote Code Execution to privileged users. A privileged user refers to an Admin UI user with the default `Owner` or `Contributor` role, who can escalate their access and execute code on the underlying Fides Webserver container where the Jinja template rendering function is executed. The vulnerability has been patched in Fides version `2.44.0`. Users are advised to upgrade to this version or later to secure their systems against this threat. There are no workarounds. | ||||
| CVE-2024-42355 | 1 Shopware | 1 Shopware | 2024-08-12 | 8.3 High |
| Shopware, an open ecommerce platform, has a new Twig Tag `sw_silent_feature_call` which silences deprecation messages while triggered in this tag. Prior to versions 6.6.5.1 and 6.5.8.13, it accepts as parameter a string the feature flag name to silence, but this parameter is not escaped properly and allows execution of code. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.2, 6.3, and 6.4, corresponding security measures are also available via a plugin. | ||||