128 matches found
Crafter CMS 安全漏洞
Crafter CMS is an open-source content management system CMS designed for digital experience applications. Versions of Crafter CMS prior to 5.9.7 and 4.17.3 contained security vulnerabilities. These vulnerabilities stemmed from the striptags function, which failed to filter URL schemes, potentiall...
Remote Code Execution (RCE)
Crafter CMS is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper control of dynamically managed Groovy code, where authenticated developers can bypass the Groovy sandbox by injecting malicious Groovy elements, allowing execution of arbitrary OS commands...
CVE-2026-1770
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain RCE Remote Code...
EUVD-2026-5112
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain RCE Remote Code...
CVE-2026-1770 Improper Control of Dynamically-Managed Code Resources in Crafter Studio
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain RCE Remote Code...
PT-2026-5681
Name of the Vulnerable Software and Affected Versions Crafter CMS versions affected versions not specified Description An issue exists in Crafter Studio of Crafter CMS that allows authenticated developers to execute operating system commands. This is due to a bypass of the Groovy Sandbox...
EUVD-2018-0807
Malware in sbrugna...
EUVD-2025-18697
Malicious code in bioql PyPI...
EUVD-2022-0840
Malicious code in bioql PyPI...
EUVD-2022-2045
Malicious code in bioql PyPI...
EUVD-2022-4661
Malicious code in bioql PyPI...
EUVD-2022-1128
Malicious code in bioql PyPI...
EUVD-2022-1235
Malicious code in bioql PyPI...
EUVD-2022-0886
Malicious code in bioql PyPI...
EUVD-2022-0909
Malicious code in bioql PyPI...
EUVD-2022-0972
Malicious code in bioql PyPI...
EUVD-2022-2141
Malicious code in bioql PyPI...
CVE-2025-6384
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE Remote Code...
CVE-2017-15681
In Crafter CMS Crafter Studio 3.0.1 a directory traversal vulnerability exists which allows unauthenticated attackers to overwrite files from the operating system which can lead to RCE...
CVE-2017-15684
Crafter CMS Crafter Studio 3.0.1 has a directory traversal vulnerability which allows unauthenticated attackers to view files from the operating system...