🎯 Server Side Template Injection Payloads
Websites Vulnerability Scanner
is a PoC for CVE-2024-4040 tool for exploiting the SSTI vulnerability in CrushFTP
Writeups for portswigger labs.
CVE-2023-49964: FreeMarker Server-Side Template Injection in Alfresco
FastAPI app with Jinja2 SSTI vulnerability example to demonstrate security risks in web applications.
simple server site template injection scanner !
SSTI Exploit Detector is a tool designed to detect potential Server-Side Template Injection (SSTI) vulnerabilities in web applications.
Express app with Pug templates demonstrating SSTI vulnerability and secure implementation for educational purposes.
Exploit against Grav CMS (versions below 1.7.45) that allows Remote Code Execution for an authenticated user - CVE-2024-28116
A Flask-based Server-Side Template Injection lab with multiple challenge levels for security testing and learning.
CVE-2021-46362: FreeMarker Server-Side Template Injection in Magnolia CMS
MAL-001: FreeMarker Server-Side Template Injection in Liferay Portal
CVE-2025-26865: FreeMarker Server-Side Template Injection via the "ecommerce" plugin in Apache OfBiz
MAGNOLIA-8348: FreeMarker Restriction Bypass 3 in Magnolia CMS
CVE-2021-46361: FreeMarker Restriction Bypass in Magnolia CMS
All associated materials and tasks for the training
CVE-2022-25813: FreeMarker Server-Side Template Injection in Apache OfBiz
CVE-2022-24442: FreeMarker Server-Side Template Injection in JetBrains YouTrack
MAGNOLIA-8281: FreeMarker Restriction Bypass 2 in Magnolia CMS
Add a description, image, and links to the server-side-template-injection topic page so that developers can more easily learn about it.
To associate your repository with the server-side-template-injection topic, visit your repo's landing page and select "manage topics."