Lucene search
+L

18 matches found

CNNVD
CNNVD
added 2024/05/20 12:0 a.m.9 views

Pixel&tonic Craft CMS 安全漏洞

Pixel & tonic Craft CMS is a content management system CMS from Pixel & tonic USA. A security vulnerability exists in Pixel & tonic Craft CMS Formie versions prior to 2.1.6, which stems from a user with access to form settings can include malicious Twig code into Twig-enabled fields that will...

4.4CVSS5.1AI score0.00255EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/01/03 12:0 a.m.6 views

Pixel & tonic Craft CMS Security Vulnerability

Pixel & tonic Craft CMS is a content management system CMS from the US company Pixel & tonic. A security vulnerability exists in Pixel & tonic Craft CMS versions 4.0.0-RC1 through 4.5.10, 3.0.0 through 3.9.5, which can be exploited by an attacker to elevate privileges...

8.8CVSS6.8AI score0.00588EPSS
Exploits0References8
CNNVD
CNNVD
added 2023/09/13 12:0 a.m.9 views

Pixel & tonic Craft CMS Code Injection Vulnerability

Pixel & tonic Craft CMS is a content management system CMS from the US-based Pixel & tonic, Inc. A code injection vulnerability exists in Pixel & tonic Craft CMS versions prior to 4.4.15, which stems from the presence of a remote code execution vulnerability...

10CVSS8.3AI score0.92918EPSS
Exploits10References8
CNNVD
CNNVD
added 2023/05/27 12:0 a.m.38 views

Craft CMS 跨站脚本漏洞

Pixel & tonic Craft CMS is a content management system CMS from the US-based company Pixel & tonic. A security vulnerability exists in Craft CMS, which stems from an incorrectly formatted RSS feed that can deliver a payload with cross-site scripting...

6.1CVSS5.5AI score0.00651EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/05/26 12:0 a.m.5 views

Craft CMS 跨站脚本漏洞

Pixel & tonic Craft CMS is a content management system CMS from Pixel & tonic, Inc. A security vulnerability exists in Craft CMS, which stems from a cross-site scripting vulnerability that can be triggered by the Update Asset Index utility...

5.5CVSS5.3AI score0.00681EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/05/26 12:0 a.m.5 views

Craft CMS 跨站脚本漏洞

Pixel & tonic Craft CMS is a content management system CMS from Pixel & tonic, Inc. A security vulnerability exists in Craft CMS, which stems from a cross-site scripting vulnerability that can be triggered by review volumes...

5.5CVSS5.3AI score0.00653EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/05/26 12:0 a.m.5 views

Pixel&tonic Craft CMS 跨站脚本漏洞

Pixel & tonic Craft CMS is a content management system CMS from Pixel & tonic USA. A security vulnerability exists in Craft CMS. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor announcement...

5.4CVSS5.7AI score0.00444EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/05/26 12:0 a.m.6 views

Pixel&tonic Craft CMS 跨站脚本漏洞

Pixel & tonic Craft CMS is a content management system CMS from the US-based Pixel & tonic, Inc. A security vulnerability exists in Pixel & tonic Craft CMS that stems from not filtering input and encoding output in Quick Post validation error messages, which would allow the delivery of loads with...

4.8CVSS4.5AI score0.00617EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/05/19 12:0 a.m.7 views

Pixel&tonic Craft CMS 注入漏洞

Pixel & tonic Craft CMS is a content management system CMS from Pixel & tonic USA. An injection vulnerability exists in Craft CMS versions prior to 4.4.6, which stems from an unrestricted file extension that could lead to remote code execution...

7.2CVSS7.4AI score0.01845EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/03/03 12:0 a.m.5 views

Craft CMS 跨站脚本漏洞

Pixel & tonic Craft CMS is a content management system CMS from Pixel & tonic, USA. A cross-site scripting vulnerability exists in Craft CMS versions prior to 4.3.7, which stems from a cross-site scripting XSS vulnerability...

6.1CVSS5.4AI score0.00801EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/12/05 12:0 a.m.8 views

Pixel&tonic Craft CMS 安全漏洞

Pixel & tonic Craft CMS is a content management system CMS from the US-based Pixel & tonic, Inc. A security vulnerability exists in Pixel & tonic Craft CMS versions 3.0.0 through 3.7.32, which originates from exposing password hashes of users who authenticate using email addresses or usernames in...

7.5CVSS7.3AI score0.01035EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/09/21 12:0 a.m.6 views

Pixel&tonic Craft CMS 跨站脚本漏洞

Pixel & tonic Craft CMS is a content management system CMS from the US-based Pixel & tonic, Inc. A security vulnerability exists in Pixel & tonic Craft CMS version 4.2.0.1, which was discovered via src/web/assets/cp/src/js/BaseElementSelectInput.js to contain a cross-site scripting vulnerability...

5.4CVSS5.4AI score0.0041EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/09/16 12:0 a.m.5 views

Pixel&tonic Craft CMS 跨站脚本漏洞

Pixel & tonic Craft CMS is a content management system CMS from Pixel & tonic, USA. A security vulnerability exists in Craft CMS version 4.2.0.1, which stems from a security issue on the /admin/dashboard page...

5.4CVSS5.7AI score0.00407EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/09/16 12:0 a.m.5 views

Pixel&tonic Craft CMS 跨站脚本漏洞

Pixel & tonic Craft CMS is a content management system CMS from the US company Pixel & tonic. A cross-site scripting vulnerability exists in Craft CMS version 4.2.0.1, which stems from a security issue on the /admin/myaccount page...

5.4CVSS5.4AI score0.0053EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/04/03 12:0 a.m.5 views

Pixel&tonic Craft CMS 跨站脚本漏洞

Pixel & tonic Craft CMS is a content management system CMS from Pixel & Tonic Pixel & tonic USA. A security vulnerability exists in Craft CMS versions prior to 3.7.29 that allows an attacker to execute cross-site scripting...

6.1CVSS5.8AI score0.00604EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/01/25 12:0 a.m.11 views

Pixel&tonic Craft CMS 路径遍历漏洞

Pixel & tonic Craft CMS is a content management system CMS from Pixel & Tonic Pixel & tonic. A path traversal vulnerability exists in Pixel & tonic Craft CMS, which stems from a path traversal security issue in the Ethercreative Logs plugin for Craft CMS...

4.9CVSS5.3AI score0.13759EPSS
Exploits6References8
CNVD
CNVD
added 2020/06/08 12:0 a.m.5 views

Pixel & Tonic Craft CMS Comments plugin cross-site scripting vulnerability (CNVD-2020-34722)

Pixel & Tonic Craft CMS is the U.S. Pixel & Tonic company's set of content management system CMS. Comments plugin is one of the code comment generation plugin. A cross-site scripting vulnerability exists in the Pixel & Tonic Craft CMS Comments plugin. The vulnerability stems from a lack of proper...

5.4CVSS6.6AI score0.0054EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/26 12:0 a.m.5 views

Image Resizer Cross-Site Request Forgery Vulnerability

Pixel & Tonic Craft CMS is a content management system CMS of Pixel & Tonic, Inc. Image Resizer is one of the image editing plug-ins. A cross-site request forgery vulnerability exists in Image Resizer versions prior to 2.0.9 for Pixel & Tonic Craft CMS. A remote attacker could exploit this...

8.8CVSS6.9AI score0.00484EPSS
Exploits0References1
Rows per page
Query Builder