OSV
added 2026/03/12 9:47 p.m. (4 views)

CVE-2026-32612 Statamic: privilege escalation via stored cross-site scripting

Statamic is a Laravel and Git powered content management system CMS. Prior to 6.6.2, stored XSS in the control panel color mode preference allows authenticated users with control panel access to inject malicious JavaScript that executes when a higher-privileged user impersonates their account. Th...

CVSS 5.4 | AI score 5.7 | EPSS 0.0023
Exploits: 2 | References: 4
CVE
added 2026/03/12 9:47 p.m. (25 views)

CVE-2026-32612

Statamic (Laravel/Git-based CMS) contains a stored XSS in the control panel color mode preference prior to version 6.6.2. An authenticated user with CP access could inject malicious JavaScript that would run when a higher-privileged user impersonated their account. The issue is resolved in versi...

CVSS 5.4 | AI score 5.7 | EPSS 0.0023
Exploits: 2 | References: 2 | Affected software: 1
Positive Technologies
added 2026/03/12 12:00 a.m. (12 views)

PT-2026-25092

Statamic is a Laravel and Git powered content management system CMS. Prior to 6.6.2, stored XSS in the control panel color mode preference allows authenticated users with control panel access to inject malicious JavaScript that executes when a higher-privileged user impersonates their account. Th...

CVSS 5.4 | AI score 5.7 | EPSS 0.0023
Exploits: 2 | References: 10
NVD
added 2026/03/11 6:16 p.m. (4 views)

CVE-2026-31857

Craft is a content management system CMS. Prior to 5.9.9 and 4.17.4, a Remote Code Execution vulnerability exists in the Craft CMS 5 conditions system. The BaseElementSelectConditionRule::getElementIds method passes user-controlled string input through renderObjectTemplate -- an unsandboxed Twig...

CVSS 9.3 | EPSS 0.00665
Exploits: 0 | References: 2
NVD
added 2026/03/11 6:16 p.m. (3 views)

CVE-2026-31858

Craft is a content management system CMS. The ElementSearchController::actionSearch endpoint is missing the unset protection that was added to ElementIndexesController in CVE-2026-25495. The exact same SQL injection vulnerability including criteriaorderBy, the original advisory vector works on th...

CVSS 8.8 | EPSS 0.0035
Exploits: 0 | References: 2
ATTACKERKB
added 2026/03/11 5:35 p.m. (4 views)

CVE-2026-31858

Craft is a content management system CMS. The ElementSearchController::actionSearch endpoint is missing the unset protection that was added to ElementIndexesController in CVE-2026-25495. The exact same SQL injection vulnerability including criteriaorderBy, the original advisory vector works on th...

CVSS 8.8 | AI score 6 | EPSS 0.00502
Exploits: 1 | References: 3 | Affected software: 1
Vulnrichment
added 2026/03/11 5:35 p.m. (3 views)

CVE-2026-31858 CraftCMS's `ElementSearchController` Affected by Blind SQL Injection

Craft is a content management system CMS. The ElementSearchController::actionSearch endpoint is missing the unset protection that was added to ElementIndexesController in CVE-2026-25495. The exact same SQL injection vulnerability including criteriaorderBy, the original advisory vector works on th...

CVSS 8.7 | AI score 6 | EPSS 0.0035
Exploits: 0 | References: 2
OSV
added 2026/03/11 5:30 p.m. (3 views)

CVE-2026-31857 CraftCMS has an RCE vulnerability via relational conditionals in the control panel

Craft is a content management system CMS. Prior to 5.9.9 and 4.17.4, a Remote Code Execution vulnerability exists in the Craft CMS 5 conditions system. The BaseElementSelectConditionRule::getElementIds method passes user-controlled string input through renderObjectTemplate -- an unsandboxed Twig...

CVSS 9.3 | AI score 6 | EPSS 0.00665
Exploits: 0 | References: 4
CVE
added 2026/03/11 5:30 p.m. (11 views)

CVE-2026-31857

CVE-2026-31857 (CraftCMS) : A Remote Code Execution vulnerability exists in Craft CMS before versions 5.9.9 and 4.17.4 in the control panel via the BaseElementSelectConditionRule::getElementIds() path. User-controlled input is passed to renderObjectTemplate() (unsandboxed Twig with escaping disab...

CVSS 9.3 | AI score 5.9 | EPSS 0.00665
Exploits: 0 | References: 2 | Affected software: 1
ATTACKERKB
added 2026/03/11 5:30 p.m. (2 views)

CVE-2026-31857

Craft is a content management system CMS. Prior to 5.9.9 and 4.17.4, a Remote Code Execution vulnerability exists in the Craft CMS 5 conditions system. The BaseElementSelectConditionRule::getElementIds method passes user-controlled string input through renderObjectTemplate -- an unsandboxed Twig...

CVSS 9.3 | AI score 5.9 | EPSS 0.00665
Exploits: 0 | References: 3 | Affected software: 1
Cvelist
added 2026/03/11 5:30 p.m. (28 views)

CVE-2026-31857 CraftCMS has an RCE vulnerability via relational conditionals in the control panel

Craft is a content management system CMS. Prior to 5.9.9 and 4.17.4, a Remote Code Execution vulnerability exists in the Craft CMS 5 conditions system. The BaseElementSelectConditionRule::getElementIds method passes user-controlled string input through renderObjectTemplate -- an unsandboxed Twig...

CVSS 9.3 | EPSS 0.00665
Exploits: 0 | References: 2
Vulnrichment
added 2026/03/11 5:30 p.m. (2 views)

CVE-2026-31857 CraftCMS has an RCE vulnerability via relational conditionals in the control panel

Craft is a content management system CMS. Prior to 5.9.9 and 4.17.4, a Remote Code Execution vulnerability exists in the Craft CMS 5 conditions system. The BaseElementSelectConditionRule::getElementIds method passes user-controlled string input through renderObjectTemplate -- an unsandboxed Twig...

CVSS 9.3 | AI score 5.9 | EPSS 0.00665
Exploits: 0 | References: 2
OSV
added 2026/03/11 2:56 p.m. (5 views)

GHSA-FP5J-J7J4-MCXC CraftCMS has an RCE vulnerability via relational conditionals in the control panel

A Remote Code Execution vulnerability exists in the Craft CMS 5 conditions system. The BaseElementSelectConditionRule::getElementIds method passes user-controlled string input through renderObjectTemplate -- an unsandboxed Twig rendering function with escaping disabled. Any authenticated Control...

CVSS 9.3 | AI score 5.9 | EPSS 0.00665
Exploits: 0 | References: 4
Github Security Blog
added 2026/03/11 2:56 p.m. (6 views)

CraftCMS has an RCE vulnerability via relational conditionals in the control panel

A Remote Code Execution vulnerability exists in the Craft CMS 5 conditions system. The BaseElementSelectConditionRule::getElementIds method passes user-controlled string input through renderObjectTemplate -- an unsandboxed Twig rendering function with escaping disabled. Any authenticated Control...

CVSS 9.3 | AI score 5.9 | EPSS 0.00665
Exploits: 0 | References: 4 | Affected software: 1
EUVD
added 2026/03/11 2:56 p.m. (4 views)

EUVD-2026-11257

CraftCMS has an RCE vulnerability via relational conditionals in the control panel...

CVSS 9.3 | AI score 5.8 | EPSS 0.00665
Exploits: 0 | References: 2
Github Security Blog
added 2026/03/11 12:27 a.m. (5 views)

CraftCMS's `ElementSearchController` Affected by Blind SQL Injection

The ElementSearchController::actionSearch endpoint is missing the unset protection that was added to ElementIndexesController in GHSA-2453-mppf-46cj. The exact same SQL injection vulnerability including criteriaorderBy, the original advisory vector works on this controller because the fix was nev...

CVSS 8.8 | AI score 6 | EPSS 0.0035
Exploits: 0 | References: 5 | Affected software: 1
Positive Technologies
added 2026/03/11 12:00 a.m. (5 views)

PT-2026-24751

Craft is a content management system CMS. Prior to 5.9.9 and 4.17.4, a Remote Code Execution vulnerability exists in the Craft CMS 5 conditions system. The BaseElementSelectConditionRule::getElementIds method passes user-controlled string input through renderObjectTemplate -- an unsandboxed Twig...

CVSS 9.3 | AI score 5.9 | EPSS 0.00665
Exploits: 0 | References: 4
Snyk
added 2026/03/10 6:23 p.m. (2 views)

SQL Injection

Overview craftcms/commerce is a Craft Commerce Affected versions of this package are vulnerable to SQL Injection in the sort parameter of the purchasables table endpoint, which is split and the first part is used directly as an array key to orderBy without whitelist validation. An attacker can...

CVSS 8.8 | AI score 6.1 | EPSS 0.00421
Exploits: 1 | References: 2
RedhatCVE
added 2026/03/02 1:51 a.m. (8 views)

CVE-2026-28424

Statamic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.11 and 6.4.0, user email addresses were included in responses from the user fieldtype's data endpoint for control panel users who did not have the "view users" permission. This has been fixed in 5.73.11 a...

CVSS 6.5 | AI score 5.9 | EPSS 0.00231
Exploits: 0 | References: 1
GithubExploit
added 2026/03/01 4:28 a.m. (20 views)

Exploit for CVE-2026-36670

CVE-2026-36670 A time-based blind SQL injection exploit for t...

AI score 5.7 | EPSS 0.00361
Exploits: 1