Lucene search
K

14 matches found

Cvelist
Cvelist
added 2026/07/01 11:26 p.m.37 views

CVE-2026-55794 Craft CMS: Potential authenticated Remote Code Execution via referrer redirect

Craft CMS is a content management system CMS. In versions 5.9.0 and above prior to 5.10.0, control panel users with the ability to edit entries can execute unsandboxed Twig code via the HTTP Referrer header, potentially leading to authenticated RCE. The issue happens when a user is saving entries...

8.7CVSS0.00293EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 11:26 p.m.31 views

CVE-2026-55794

Craft CMS

8.7CVSS5.8AI score0.00293EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.7 views

PT-2026-54862

Name of the Vulnerable Software and Affected Versions Craft CMS versions 5.9.0 through 5.9.x Description Control panel users with entry editing permissions can execute unsandboxed Twig code, which may lead to authenticated Remote Code Execution RCE. The issue occurs during the entry saving proces...

8.7CVSS6AI score0.00293EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/03/30 12:0 a.m.9 views

WordPress plugin Contact Form by Supsystic 代码注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

9.8CVSS6.3AI score0.41475EPSS
Exploits8References5
RedhatCVE
RedhatCVE
added 2026/03/26 2:59 p.m.4 views

CVE-2026-31857

Craft is a content management system CMS. Prior to 5.9.9 and 4.17.4, a Remote Code Execution vulnerability exists in the Craft CMS 5 conditions system. The BaseElementSelectConditionRule::getElementIds method passes user-controlled string input through renderObjectTemplate -- an unsandboxed Twig...

9.3CVSS5.9AI score0.00665EPSS
Exploits0References1
Veracode
Veracode
added 2026/03/14 5:18 a.m.15 views

Remote Code Execution (RCE)

Craft CMS is vulnerable to Remote Code Execution RCE. The vulnerability is due to unsafe use of unsandboxed Twig rendering with user-controlled input in the conditions system, which allows an attacker to execute arbitrary code through crafted condition rules...

9.3CVSS6.4AI score0.00665EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/03/11 6:16 p.m.6 views

CVE-2026-31857

Craft is a content management system CMS. Prior to 5.9.9 and 4.17.4, a Remote Code Execution vulnerability exists in the Craft CMS 5 conditions system. The BaseElementSelectConditionRule::getElementIds method passes user-controlled string input through renderObjectTemplate -- an unsandboxed Twig...

9.3CVSS0.00665EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/11 5:30 p.m.2 views

CVE-2026-31857

Craft is a content management system CMS. Prior to 5.9.9 and 4.17.4, a Remote Code Execution vulnerability exists in the Craft CMS 5 conditions system. The BaseElementSelectConditionRule::getElementIds method passes user-controlled string input through renderObjectTemplate -- an unsandboxed Twig...

9.3CVSS5.9AI score0.00665EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/11 2:56 p.m.6 views

GHSA-FP5J-J7J4-MCXC CraftCMS has an RCE vulnerability via relational conditionals in the control panel

A Remote Code Execution vulnerability exists in the Craft CMS 5 conditions system. The BaseElementSelectConditionRule::getElementIds method passes user-controlled string input through renderObjectTemplate -- an unsandboxed Twig rendering function with escaping disabled. Any authenticated Control...

9.3CVSS5.9AI score0.00665EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/11 12:0 a.m.8 views

Craft CMS 代码注入漏洞

Craft CMS is an open-source content management system developed by Craft. Versions of Craft CMS prior to 5.9.9 and 4.17.4 contained a code injection vulnerability. This vulnerability stemmed from the BaseElementSelectConditionRule::getElementIds method, which allowed user input to be passed to th...

9.3CVSS6.1AI score0.00665EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 6:29 p.m.10 views

CVE-2021-29440

Grav is a file based Web-platform. Twig processing of static pages can be enabled in the front matter by any administrative user allowed to create or edit pages. As the Twig processor runs unsandboxed, this behavior can be used to gain arbitrary code execution and elevate privileges on the...

8.4CVSS7.6AI score0.30623EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:6 a.m.19 views

CVE-2024-28117

Grav is an open-source, flat-file content management system. Prior to version 1.7.45, Grav validates accessible functions through the Utils::isDangerousFunction function, but does not impose restrictions on twig functions like twigarraymap, allowing attackers to bypass the validation and execute...

8.8CVSS8.1AI score0.01381EPSS
Exploits1References1
OSV
OSV
added 2024/03/22 4:56 p.m.23 views

GHSA-2M7X-C7PX-HP58 Server Side Template Injection (SSTI) via Twig escape handler

Summary Due to the unrestricted access to twig extension class from grav context, an attacker can redefine the escape function and execute arbitrary commands. Details https://github.com/twigphp/Twig/blob/3.x/src/Extension/EscaperExtension.phpL99 php / Defines a new escaper to be used via the esca...

8.8CVSS9.1AI score0.01584EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/03/21 12:0 a.m.13 views

PT-2024-22272 · Grav · Grav

Name of the Vulnerable Software and Affected Versions: Grav versions prior to 1.7.45 Description: Grav is an open-source, flat-file content management system. The issue arises because Grav validates accessible functions through the Utils::isDangerousFunction function but does not impose...

8.8CVSS8.6AI score0.01381EPSS
Exploits1References12
Rows per page
Query Builder