102 matches found
CVE-2026-1770
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain RCE Remote Code...
GHSA-GJ28-GW7W-3PXC Crafter CMS has Improper Control of Dynamically-Managed Code Resources
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain RCE Remote Code...
Crafter CMS has Improper Control of Dynamically-Managed Code Resources
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain RCE Remote Code...
CVE-2026-1770
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain RCE Remote Code...
CVE-2026-1770
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain RCE Remote Code...
EUVD-2026-5112
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain RCE Remote Code...
CVE-2026-1770 Improper Control of Dynamically-Managed Code Resources in Crafter Studio
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain RCE Remote Code...
CVE-2026-1770
CVE-2026-1770 affects Crafter CMS, specifically Crafter Studio. The vulnerability arises from Improper Control of Dynamically-Managed Code Resources via the Groovy Sandbox, enabling authenticated developers to insert malicious Groovy code to bypass sandbox restrictions and achieve Remote Code Exe...
CVE-2026-1770 Improper Control of Dynamically-Managed Code Resources in Crafter Studio
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain RCE Remote Code...
PT-2026-5681
Name of the Vulnerable Software and Affected Versions Crafter CMS versions affected versions not specified Description An issue exists in Crafter Studio of Crafter CMS that allows authenticated developers to execute operating system commands. This is due to a bypass of the Groovy Sandbox...
EUVD-2023-29907
Malicious code in bioql PyPI...
EUVD-2022-5114
Malicious code in bioql PyPI...
GHSA-5644-3VGQ-2PH5 Crafter Studio Groovy Sandbox Bypass
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE Remote Code...
Improper Control of Dynamically-Managed Code Resources
Overview Affected versions of this package are vulnerable to Improper Control of Dynamically-Managed Code Resources via the Groovy Sandbox process. An attacker can execute arbitrary operating system commands by injecting malicious Groovy elements that bypass sandbox restrictions. Remediation...
Crafter Studio Groovy Sandbox Bypass
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE Remote Code...
CVE-2025-6384
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE Remote Code...
CVE-2025-6384 Improper Control of Dynamically-Managed Code Resources in Crafter Studio
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE Remote Code...
CVE-2025-6384
CrafterCMS Crafter Studio is affected by CVE-2025-6384 (versions 4.0.0–4.2.2). The issue is an Improper Control of Dynamically-Managed Code Resources that allows authenticated developers to bypass the Groovy sandbox, enabling remote code execution (RCE) by injecting malicious Groovy elements. The...
CVE-2025-6384 Improper Control of Dynamically-Managed Code Resources in Crafter Studio
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE Remote Code...
CVE-2023-26020
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.This issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26...