Lucene search
K

21 matches found

Vulnrichment
Vulnrichment
‱added 2026/03/04 4:15 p.m.‱3 views

CVE-2026-28695 Craft affected by authenticated RCE via Twig SSTI - create() function + Symfony Process gadget

Craft is a content management system CMS. There is an authenticated admin RCE in Craft CMS 5.8.21 via Server-Side Template Injection using the create Twig function combined with a Symfony Process gadget chain. The create Twig function exposes Craft::createObject, which allows instantiation of...

7.5CVSS6AI score0.00556EPSS
Exploits1References2
Github Security Blog
Github Security Blog
‱added 2026/03/03 8:30 p.m.‱20 views

Craft CMS Vulnerable to Authenticated RCE via Twig SSTI - create() function + Symfony Process gadget

There is an authenticated admin RCE in Craft CMS 5.8.21 via Server-Side Template Injection using the create Twig function combined with a Symfony Process gadget chain. This bypasses the fix implemented for CVE-2025-57811 patched in 5.8.7. Required Permissions - Administrator permissions or access...

7.5CVSS6.1AI score0.00556EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
‱added 2026/01/05 6:10 p.m.‱10 views

Craft CMS vulnerable to potential authenticated Remote Code Execution via Twig SSTI

For this to work, users must have administrator access to the Craft Control Panel, and allowAdminChanges must be enabled for this to work, which is against Craft CMS' recommendations for any non-dev environment...

8.8CVSS6.8AI score0.00787EPSS
Exploits1References5Affected Software1
Rapid7 Blog
Rapid7 Blog
‱added 2025/12/19 9:2 p.m.‱12 views

Metasploit Wrap-Up 12/19/2025

React2Shell Payload Improvements Last week Metasploit released an exploit for the React2Shell vulnerability, and this week we have made a couple of improvements to the payloads that it uses. The first improvement affects all Metasploit modules. When an exploit is used, an initial payload is...

8.4CVSS8.2AI score0.31631EPSS
Exploits2
Packet Storm
Packet Storm
‱added 2025/12/12 12:0 a.m.‱178 views

📄 Grav CMS Twig SSTI Authenticated Sandbox Bypass Remote Code Execution

This Metasploit module exploits a Server-Side Template Injection SSTI vulnerability CVE-2025-66294 in Grav CMS that allows bypassing the Twig sandbox to achieve remote code execution. The cleanDangerousTwig method uses weak regex that fails to sanitize nested Twig calls within the evaluatetwig...

9.6CVSS8.3AI score0.0264EPSS
Exploits5
EUVD
EUVD
‱added 2025/10/03 8:7 p.m.‱4 views

EUVD-2024-3241

Malicious code in bioql PyPI...

7.2CVSS6.8AI score0.01308EPSS
Exploits1References4
EUVD
EUVD
‱added 2025/10/03 8:7 p.m.‱5 views

EUVD-2025-13408

Malicious code in bioql PyPI...

8.6CVSS6.3AI score0.01221EPSS
Exploits0References6
RedhatCVE
RedhatCVE
‱added 2025/05/07 8:12 p.m.‱8 views

CVE-2025-46731

Craft is a content management system. Versions of Craft CMS on the 4.x branch prior to 4.14.13 and on the 5.x branch prior to 5.6.16 contains a potential remote code execution vulnerability via Twig SSTI. One must have administrator access and ALLOWADMINCHANGES must be enabled for this to work...

8.6CVSS7.8AI score0.01221EPSS
Exploits0References1
NVD
NVD
‱added 2025/05/05 8:15 p.m.‱31 views

CVE-2025-46731

Craft is a content management system. Versions of Craft CMS on the 4.x branch prior to 4.14.13 and on the 5.x branch prior to 5.6.16 contains a potential remote code execution vulnerability via Twig SSTI. One must have administrator access and ALLOWADMINCHANGES must be enabled for this to work...

8.6CVSS0.01221EPSS
Exploits0References4
Github Security Blog
Github Security Blog
‱added 2025/05/05 7:35 p.m.‱21 views

Craft CMS Contains a Potential Remote Code Execution Vulnerability via Twig SSTI

Craft CMS contains a potential remote code execution vulnerability via Twig SSTI. You must have administrator access and ALLOWADMINCHANGES must be enabled for this to work. https://craftcms.com/knowledge-base/securing-craftset-allowAdminChanges-to-false-in-production Note: This is a follow-up to...

8.6CVSS7.8AI score0.01221EPSS
Exploits0References6Affected Software1
OSV
OSV
‱added 2025/05/05 7:35 p.m.‱15 views

GHSA-7C58-G782-9J38 Craft CMS Contains a Potential Remote Code Execution Vulnerability via Twig SSTI

Craft CMS contains a potential remote code execution vulnerability via Twig SSTI. You must have administrator access and ALLOWADMINCHANGES must be enabled for this to work. https://craftcms.com/knowledge-base/securing-craftset-allowAdminChanges-to-false-in-production Note: This is a follow-up to...

8.6CVSS7.8AI score0.01221EPSS
Exploits0References6
CVE
CVE
‱added 2025/05/05 7:35 p.m.‱65 views

CVE-2025-46731

CVE-2025-46731 affects Craft CMS on the 4.x line prior to 4.14.13 and the 5.x line prior to 5.6.16, with a remote code execution vulnerability exploitable via Twig SSTI. An attacker must have administrator access and ALLOW_ADMIN_CHANGES enabled for exploitation. Remediation is to upgrade to patch...

8.6CVSS7.5AI score0.01221EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
‱added 2025/05/05 7:35 p.m.‱25 views

CVE-2025-46731 Craft CMS Contains a Potential Remote Code Execution Vulnerability via Twig SSTI

Craft is a content management system. Versions of Craft CMS on the 4.x branch prior to 4.14.13 and on the 5.x branch prior to 5.6.16 contains a potential remote code execution vulnerability via Twig SSTI. One must have administrator access and ALLOWADMINCHANGES must be enabled for this to work...

8.6CVSS0.01221EPSS
Exploits0References4
OSV
OSV
‱added 2025/05/05 7:35 p.m.‱5 views

CVE-2025-46731 Craft CMS Contains a Potential Remote Code Execution Vulnerability via Twig SSTI

Craft is a content management system. Versions of Craft CMS on the 4.x branch prior to 4.14.13 and on the 5.x branch prior to 5.6.16 contains a potential remote code execution vulnerability via Twig SSTI. One must have administrator access and ALLOWADMINCHANGES must be enabled for this to work...

8.6CVSS7.7AI score0.01221EPSS
Exploits0References6
NVD
NVD
‱added 2024/11/13 4:15 p.m.‱36 views

CVE-2024-52293

Craft is a content management system CMS. Prior to 4.12.2 and 5.4.3, Craft is missing normalizePath in the function FileHelper::absolutePath could lead to Remote Code Execution on the server via twig SSTI. This is a sequel to CVE-2023-40035. This vulnerability is fixed in 4.12.2 and 5.4.3...

7.2CVSS0.01308EPSS
Exploits1References2
Vulnrichment
Vulnrichment
‱added 2024/11/13 4:4 p.m.‱28 views

CVE-2024-52293 Craft has a Potential Remote Code Execution via missing path normalization & Twig SSTI

Craft is a content management system CMS. Prior to 4.12.2 and 5.4.3, Craft is missing normalizePath in the function FileHelper::absolutePath could lead to Remote Code Execution on the server via twig SSTI. This is a sequel to CVE-2023-40035. This vulnerability is fixed in 4.12.2 and 5.4.3...

7.2CVSS7.1AI score0.01308EPSS
Exploits1References2
CVE
CVE
‱added 2024/11/13 4:4 p.m.‱78 views

CVE-2024-52293

Craft CMS prior to 4.12.2 and 5.4.3 is vulnerable due to missing normalizePath in FileHelper::absolutePath, enabling potential Remote Code Execution via Twig SSTI. This is a sequel to CVE-2023-40035. The issue is fixed in Craft 4.12.2 and 5.4.3. Affected versions should upgrade to the specified f...

7.2CVSS6.9AI score0.01308EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
‱added 2024/11/13 4:4 p.m.‱45 views

CVE-2024-52293 Craft has a Potential Remote Code Execution via missing path normalization & Twig SSTI

Craft is a content management system CMS. Prior to 4.12.2 and 5.4.3, Craft is missing normalizePath in the function FileHelper::absolutePath could lead to Remote Code Execution on the server via twig SSTI. This is a sequel to CVE-2023-40035. This vulnerability is fixed in 4.12.2 and 5.4.3...

7.2CVSS0.01308EPSS
Exploits1References2
OSV
OSV
‱added 2024/11/13 4:4 p.m.‱37 views

CVE-2024-52293 Craft has a Potential Remote Code Execution via missing path normalization & Twig SSTI

Craft is a content management system CMS. Prior to 4.12.2 and 5.4.3, Craft is missing normalizePath in the function FileHelper::absolutePath could lead to Remote Code Execution on the server via twig SSTI. This is a sequel to CVE-2023-40035. This vulnerability is fixed in 4.12.2 and 5.4.3...

7.2CVSS6.8AI score0.01308EPSS
Exploits1References4
Github Security Blog
Github Security Blog
‱added 2024/11/13 2:16 p.m.‱33 views

Craft CMS vulnerable to Potential Remote Code Execution via missing path normalization & Twig SSTI

Summary Missing normalizePath in the function FileHelper::absolutePath could lead to Remote Code Execution on the server via twig SSTI. Post-authentication, ALLOWADMINCHANGES=true Details Note: This is a sequel to CVE-2023-40035 In src/helpers/FileHelper.phpL106-L137, the function absolutePath...

7.2CVSS7.4AI score0.01308EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder