Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2021-102006
HistoryDec 04, 2021 - 12:00 a.m.

Crafter CMS Expression Injection Vulnerability

2021-12-0400:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
crafter cms
expression injection
vulnerability
remote code execution
network system
administrator role

EPSS

0.001

Percentile

42.0%

JSON

Crafter CMS is an open source content management system (CMS) for digital experience applications.An expression injection vulnerability exists in Crafter CMS, which stems from the failure of a network system or product to properly filter special elements in code segments constructed from external input data. An attacker with the Administrator or Developer role could exploit this vulnerability to remotely execute arbitrary commands (RCE).

Related

prion 1
cve 1
cvelist 1
osv 1
nvd 1
prion
prion
Command injection
2021-12-02 16:15:00
cve
cve
CVE-2021-23258
2021-12-02 16:15:07
cvelist
cvelist
CVE-2021-23258 Spring SPEL Expression Language Injection
2021-12-02 15:40:54
osv
osv
CVE-2021-23258
2021-12-02 16:15:07
nvd
nvd
CVE-2021-23258
2021-12-02 16:15:07

EPSS

0.001

Percentile

42.0%

JSON
Related for CNVD-2021-102006
prion1cve1cvelist1osv1nvd1