Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded 2025/12/17 1:15 a.m.5 views

CVE-2025-14700

An input neutralization vulnerability in the Webhook Template component of Crafty Controller allows a remote, authenticated attacker to perform remote code execution via Server Side Template Injection...

9.9CVSS0.00075EPSS
Exploits2References1
Vulnrichment
Vulnrichmentadded 2025/12/17 12:4 a.m.1 views

CVE-2025-14700 Improper Neutralization of Special Elements Used in a Template Engine in Crafty Controller

An input neutralization vulnerability in the Webhook Template component of Crafty Controller allows a remote, authenticated attacker to perform remote code execution via Server Side Template Injection...

9.9CVSS7.6AI score0.00075EPSS
Exploits2References1
Cvelist
Cvelistadded 2025/12/17 12:4 a.m.23 views

CVE-2025-14700 Improper Neutralization of Special Elements Used in a Template Engine in Crafty Controller

An input neutralization vulnerability in the Webhook Template component of Crafty Controller allows a remote, authenticated attacker to perform remote code execution via Server Side Template Injection...

9.9CVSS0.00075EPSS
Exploits2References1
EUVD
EUVDadded 2025/12/17 12:4 a.m.5 views

EUVD-2025-203859

An input neutralization vulnerability in the Webhook Template component of Crafty Controller allows a remote, authenticated attacker to perform remote code execution via Server Side Template Injection...

9.9CVSS7.4AI score0.00075EPSS
Exploits2References2
OSV
OSVadded 2025/12/17 12:4 a.m.3 views

CVE-2025-14700 Improper Neutralization of Special Elements Used in a Template Engine in Crafty Controller

An input neutralization vulnerability in the Webhook Template component of Crafty Controller allows a remote, authenticated attacker to perform remote code execution via Server Side Template Injection...

9.9CVSS7.9AI score0.00075EPSS
Exploits2References3
CVE
CVEadded 2025/12/17 12:4 a.m.10 views

CVE-2025-14700

CVE-2025-14700 affects Crafty Controller 4.6.1 in the Webhook Template component. The supplied documents describe an input neutralization vulnerability that enables authenticated attackers to achieve remote code execution via Server-Side Template Injection (SSTI). Multiple sources (NVD/Red Hat/CV...

9.9CVSS7.6AI score0.00075EPSS
Exploits2References1Affected Software1
Positive Technologies
Positive Technologiesadded 2025/12/17 12:0 a.m.6 views

PT-2025-51794

Name of the Vulnerable Software and Affected Versions Crafty Controller version 4.6.1 Description An input neutralization issue exists within the Webhook Template component of Crafty Controller. This allows a remote, authenticated attacker to execute code on the system through Server Side Templat...

9.9CVSS7.7AI score0.00075EPSS
Exploits2References10
CNNVD
CNNVDadded 2025/12/17 12:0 a.m.2 views

Crafty Controller 安全漏洞

Crafty Controller is a Minecraft server control panel/launcher for Arcadia. A security vulnerability exists in Crafty Controller that stems from improper input neutralization of the Webhook Template component, which could lead to remote code execution via server-side template injection...

9.9CVSS7.7AI score0.00075EPSS
Exploits2References2
Rows per page
Query Builder