MCMS v5.2.5 was discovered to contain a Server Side Template Injection (SSTI) vulnerability via the Template Management module.
CWE-94
CVE-2021-45983
NetScout nGeniusONE 6.3.2 allows Java RMI Code Execution.
CVE-2021-45806
jpress v4.2.0 admin panel provides a function through which attackers can modify the template and inject some malicious code.
CVE-2021-44978
iCMS <= 8.0.0 allows users to add and render a comtom template, which has a SSTI vulnerability which causes remote code execution.
CVE-2021-45029
Groovy Code Injection & SpEL Injection which lead to Remote Code Execution. This issue affected Apache ShenYu 2.4.0 and 2.4.1.
CVE-2021-44618
A Server-side Template Injection (SSTI) vulnerability exists in Nystudio107 Seomatic 3.4.12 in src/helpers/UrlHelper.php via the host header.