Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssti vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-43769
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream.
Hitachi Vantara Pentaho Business Analytics Server 9.4.0.0
Hitachi Vantara Pentaho Business Analytics Server
1 Metasploit module
NA
CVE-2022-43939
Hitachi Vantara Pentaho Business Analytics Server versions prior to 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented.
Hitachi Vantara Pentaho Business Analytics Server
Hitachi Vantara Pentaho Business Analytics Server 9.4.0.0
1 Metasploit module
NA
CVE-2023-22527
A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated malicious user to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence ...
Atlassian Confluence Data Center
Atlassian Confluence Server
26 Github repositories
2 Articles
NA
CVE-2023-33570
Bagisto v1.5.1 is vulnerable to Server-Side Template Injection (SSTI).
Webkul Bagisto 1.5.1
NA
CVE-2022-47896
In JetBrains IntelliJ IDEA prior to 2022.3.1 code Templates were vulnerable to SSTI attacks.
Jetbrains Intellij Idea
668
VMScore
CVE-2020-28468
This affects the package pwntools prior to 4.3.1. The shellcraft generator for affected versions of this module are vulnerable to Server-Side Template Injection (SSTI), which can lead to remote code execution.
Pwntools Project Pwntools
668
VMScore
CVE-2022-24442
JetBrains YouTrack prior to 2021.4.40426 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates.
Jetbrains Youtrack
1 Github repository
578
VMScore
CVE-2020-25967
The member center function in fastadmin V1.0.0.20200506_beta is vulnerable to a Server-Side Template Injection (SSTI) vulnerability.
Fastadmin Fastadmin 1.0.0.20200506
668
VMScore
CVE-2021-25770
In JetBrains YouTrack prior to 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code execution.
Jetbrains Youtrack
2 Github repositories
571
VMScore
CVE-2021-46063
MCMS v5.2.5 exists to contain a Server Side Template Injection (SSTI) vulnerability via the Template Management module.
Mingsoft Mcms 5.2.5
3 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »