Fallos del tipo CWE-1336
178 resultadosCVE-2024-4040CRITICALUnauthenticated arbitrary file read and remote code execution in CrushFTPEPSS 99.5%KEVCVE-2024-23692CRITICALRejetto HTTP File Server 2.3m Unauthenticated RCEEPSS 99.5%KEVCVE-2024-32651CRITICALServer Side Template Injection in Jinja2 allows Remote Command ExecutionEPSS 83.7%CVE-2025-47916CRITICALInvision Community 5.0.0 before 5.0.7 allows remote code execution via crafted template strings to themeeditor.php. The issue lies within thEPSS 78.6%CVE-2022-25813—Server-Side Template Injection affecting the ecommerce plugin of Apache OFBizEPSS 67.3%CVE-2025-34300CRITICALSawtooth Software Lighthouse Studio < 9.16.14 Pre-Authentication RCEEPSS 49.1%CVE-2024-24724CRITICALGibbon through 26.0.00 allows /modules/School%20Admin/messengerSettings.php Server Side Template Injection leading to Remote Code Execution EPSS 26.1%CVE-2024-6386CRITICALWPML Multilingual CMS <= 4.6.12 - Authenticated (Contributor+) Remote Code Execution via Twig Server-Side Template InjectionEPSS 25.0%CVE-2025-49619HIGHSkyvern through 0.1.85 is vulnerable to server-side template injection (SSTI) in the Prompt field of workflow blocks such as the Navigation EPSS 13.4%CVE-2025-53833CRITICALLaRecipe is vulnerable to Server-Side Template Injection attacksEPSS 9.4%CVE-2022-0944CRITICALTemplate injection in connection test endpoint leads to RCE in sqlpad/sqlpadEPSS 8.7%CVE-2025-14700CRITICALImproper Neutralization of Special Elements Used in a Template Engine in Crafty ControllerEPSS 6.0%CVE-2024-28116HIGHServer-Side Template Injection (SSTI) with Grav CMS security sandbox bypassEPSS 5.8%CVE-2023-34448HIGHGrav Server-side Template Injection (SSTI) via Twig Default FiltersEPSS 4.5%CVE-2025-23211CRITICALTandoor Recipes - SSTI - Remote Code ExecutionEPSS 3.3%CVE-2025-66294HIGHGrav is vulnerable to RCE via SSTI through Twig Sandbox BypassEPSS 2.6%CVE-2025-59340CRITICALjinjava Sandbox Bypass via JavaType-Based DeserializationEPSS 2.3%CVE-2025-69516HIGHA Server-Side Template Injection (SSTI) vulnerability in the /reporting/templates/preview/ endpoint of Amidaware Tactical RMM, affecting verEPSS 2.1%CVE-2023-2017HIGHImproper Control of Generation of Code in Twig Rendered Views in ShopwareEPSS 2.1%CVE-2023-34252HIGHGrav Server-side Template Injection via Insufficient Validation in filterFilterEPSS 2.1%