Lucene search
Veracode Vulnerability DatabaseVERACODE:22189HistoryDec 18, 2019 - 2:20 a.m.
Local File Inclusion
2019-12-1802:20:58
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.001 Low
EPSS
Percentile
38.7%
contao/core-bundle is vulnerable to local file inclusion. insert tags can be injected into the login module which will be replaced when the page is rendered. This could potentially allow for arbitrary code execution when an attacker is able to upload a malicious file into the server.
| CPE | Name | Operator | Version |
|---|---|---|---|
| contao/core-bundle | le | 4.8.5 |
Related
osv
osv
CVE-2019-19714
2019-12-17 15:15:25
Insert tag injection in the Contao login module
2019-12-17 22:53:40
cvelist
cvelist
CVE-2019-19714
2019-12-17 14:04:03
friendsofphp
friendsofphp
Insert tag injection in the login module
2019-12-17 11:43:00
Insert tag injection in the login module
2019-12-17 11:43:00
contao
contao
Insert tag injection in the login module
2019-12-17 00:00:00
prion
prion
Design/Logic Flaw
2019-12-17 15:15:00
nvd
nvd
CVE-2019-19714
2019-12-17 15:15:25
cve
cve
CVE-2019-19714
2019-12-17 15:15:25
github
github
Insert tag injection in the Contao login module
2019-12-17 22:53:40