1 results (0.001 seconds)
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-42651
https://notcve.org/view.php?id=CVE-2021-42651
11 May 2022 — A Server Side Template Injection (SSTI) vulnerability in Pentest-Collaboration-Framework v1.0.8 allows an authenticated remote attacker to execute arbitrary code through /project/PROJECTNAME/reports/. Una vulnerabilidad de tipo Server Side Template Injection (SSTI) en Pentest-Collaboration-Framework versión v1.0.8, permite a un atacante remoto autenticado ejecutar código arbitrario mediante /project/PROJECTNAME/reports/ • https://gitlab.com/invuls/pentest-projects/pcf/-/commit/67ca59ff668a4f361a0c6b1327287e484987b6f1 • CWE-94: Improper Control of Generation of Code ('Code Injection') •