CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-14716

A Server Side Template Injection (SSTI) was discovered in the SEOmatic plugin before 3.1.4 for Craft CMS, because requests that don't match any elements incorrectly generate the canonicalUrl, and can lead to execution of Twig code.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.733

EPSS Ranking 98.7%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2018-14716

Nystudio107 » Seomatic » Version: 3.0.0

cpe:2.3:a:nystudio107:seomatic:3.0.0
Nystudio107 » Seomatic » Version: 3.0.1

cpe:2.3:a:nystudio107:seomatic:3.0.1
Nystudio107 » Seomatic » Version: 3.0.10

cpe:2.3:a:nystudio107:seomatic:3.0.10
Nystudio107 » Seomatic » Version: 3.0.11

cpe:2.3:a:nystudio107:seomatic:3.0.11
Nystudio107 » Seomatic » Version: 3.0.12

cpe:2.3:a:nystudio107:seomatic:3.0.12
Nystudio107 » Seomatic » Version: 3.0.13

cpe:2.3:a:nystudio107:seomatic:3.0.13
Nystudio107 » Seomatic » Version: 3.0.14

cpe:2.3:a:nystudio107:seomatic:3.0.14
Nystudio107 » Seomatic » Version: 3.0.15

cpe:2.3:a:nystudio107:seomatic:3.0.15
Nystudio107 » Seomatic » Version: 3.0.16

cpe:2.3:a:nystudio107:seomatic:3.0.16
Nystudio107 » Seomatic » Version: 3.0.17

cpe:2.3:a:nystudio107:seomatic:3.0.17
Nystudio107 » Seomatic » Version: 3.0.18

cpe:2.3:a:nystudio107:seomatic:3.0.18
Nystudio107 » Seomatic » Version: 3.0.2

cpe:2.3:a:nystudio107:seomatic:3.0.2
Nystudio107 » Seomatic » Version: 3.0.20

cpe:2.3:a:nystudio107:seomatic:3.0.20
Nystudio107 » Seomatic » Version: 3.0.22

cpe:2.3:a:nystudio107:seomatic:3.0.22
Nystudio107 » Seomatic » Version: 3.0.23

cpe:2.3:a:nystudio107:seomatic:3.0.23
Nystudio107 » Seomatic » Version: 3.0.24

cpe:2.3:a:nystudio107:seomatic:3.0.24
Nystudio107 » Seomatic » Version: 3.0.25

cpe:2.3:a:nystudio107:seomatic:3.0.25
Nystudio107 » Seomatic » Version: 3.0.3

cpe:2.3:a:nystudio107:seomatic:3.0.3
Nystudio107 » Seomatic » Version: 3.0.4

cpe:2.3:a:nystudio107:seomatic:3.0.4
Nystudio107 » Seomatic » Version: 3.0.5

cpe:2.3:a:nystudio107:seomatic:3.0.5
Nystudio107 » Seomatic » Version: 3.0.6

cpe:2.3:a:nystudio107:seomatic:3.0.6
Nystudio107 » Seomatic » Version: 3.0.7

cpe:2.3:a:nystudio107:seomatic:3.0.7
Nystudio107 » Seomatic » Version: 3.0.8

cpe:2.3:a:nystudio107:seomatic:3.0.8
Nystudio107 » Seomatic » Version: 3.0.9

cpe:2.3:a:nystudio107:seomatic:3.0.9
Nystudio107 » Seomatic » Version: 3.1.0

cpe:2.3:a:nystudio107:seomatic:3.1.0
Nystudio107 » Seomatic » Version: 3.1.1

cpe:2.3:a:nystudio107:seomatic:3.1.1
Nystudio107 » Seomatic » Version: 3.1.2

cpe:2.3:a:nystudio107:seomatic:3.1.2
Nystudio107 » Seomatic » Version: 3.1.3

cpe:2.3:a:nystudio107:seomatic:3.1.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-14716

Products

Pricing

Contact Us