Lucene search

K

CVE-2023-40035

🗓️ 23 Aug 2023 21:08:15Reported by GitHub_MType 
cve
 cve
🔗 web.nvd.nist.gov👁 49 Views

Craft CMS allows potential remote code execution via bypassing validatePath function. Patched in versions 4.4.15 & 3.8.1

Show more
Related
Detection
Affected
Refs
Nvd
Vulners
Node
craftcmscraft_cmsRange3.0.03.8.15
OR
craftcmscraft_cmsRange4.0.04.4.15
OR
craftcmscraft_cmsMatch4.0.0rc1
[
  {
    "vendor": "craftcms",
    "product": "cms",
    "versions": [
      {
        "version": ">= 4.0.0-RC1, < 4.4.15",
        "status": "affected"
      },
      {
        "version": ">= 3.0.0, < 3.8.15",
        "status": "affected"
      }
    ]
  }
]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
23 Aug 2023 21:15Current
7.4High risk
Vulners AI Score7.4
CVSS37.2
EPSS0.004
49
.json
Report