211 matches found
Privilege Escalation
craftcms/cms is vulnerable to Privilege Escalation. The vulnerability is due to the actionSave function within ElementsController.php, because there are no checks for save permissions before and after applying POST params to the element, as well as the actionSaveUser function within...
Exploit for Code Injection in Craftcms Craft_Cms
Craft CMS CVE-2023-41892 There is a Unauthenticated Remote...
CraftCMS 4.x < 4.4.15 Remote Code Execution
CraftCMS version 4.x prior to 4.4.15 is vulnerable to a Remote Code Execution RCE in the action endpoint. No source data...
Remote Code Execution (RCE)
craftcms/cms is vulnerable to Remote Code Execution. The vulnerability is due to a lack of file protocol removal in FileHelper.php which allows an attacker to upload and execute malicious PHP code into the system...
CraftCMS 注入漏洞
CraftCMS is a content management system from CraftCMS, Inc. CraftCMS suffers from an injection vulnerability that stems from the fact that bypassing the validatePath function can lead to potential remote code execution, which can be exploited by an attacker to cause malicious control of a...
Improper Input Validation
craftcms/redactor, is vulnerable to Improper Input Validation. The vulnerability exists because the html is not properly validated which allows an attacker to inject payloads via HTML Injection...
Server-Side Template Injection
craftcms/cms is vulnerable to Server-Side Template Injection. The vulnerability exists due to a lack of validation in the User Photo Location Field in User Settings. which allows a remote attacker to inject a trig template, resulting in information disclosure...
Cross-Site Scripting (XSS)
craftcms/cms is vulnerable to Cross-Site Scripting XSS. The vulnerability exists due to a lack of sanitization in field names, which allows an attacker to inject and execute arbitrary JavaScript into the browser...
GHSA-3X74-V64J-QC3F Withdrawn Advisory: CraftCMS Server-Side Template Injection vulnerability
Withdrawn This advisory has been withdrawn because the CVE has been disputed and the underlying vulnerability is likely invalid. This link is maintained to preserve external references. According to maintainers of Craft CMS, only administrators can access Settings, and those administrators may ha...
Withdrawn Advisory: CraftCMS Server-Side Template Injection vulnerability
Withdrawn This advisory has been withdrawn because the CVE has been disputed and the underlying vulnerability is likely invalid. This link is maintained to preserve external references. According to maintainers of Craft CMS, only administrators can access Settings, and those administrators may ha...
CVE-2023-30179
CraftCMS version 3.7.59 is vulnerable to Server-Side Template Injection SSTI. An authenticated attacker can inject Twig Template to User Photo Location field when setting User Photo Location in User Settings, lead to Remote Code Execution. NOTE: the vendor disputes this because only Administrator...
CVE-2023-30179
CraftCMS version 3.7.59 is vulnerable to Server-Side Template Injection SSTI. An authenticated attacker can inject Twig Template to User Photo Location field when setting User Photo Location in User Settings, lead to Remote Code Execution. NOTE: the vendor disputes this because only Administrator...
Design/Logic Flaw
DISPUTED CraftCMS version 3.7.59 is vulnerable to Server-Side Template Injection SSTI. An authenticated attacker can inject Twig Template to User Photo Location field when setting User Photo Location in User Settings, lead to Remote Code Execution. NOTE: the vendor disputes this because only...
CVE-2023-30179
CraftCMS is affected by a Server-Side Template Injection (SSTI) in version 3.7.59, where an authenticated user can inject Twig templates into the User Photo Location in User Settings, potentially enabling Remote Code Execution. The root cause cited is lack of input validation for the Twig code in...
CVE-2023-30179
CraftCMS version 3.7.59 is vulnerable to Server-Side Template Injection SSTI. An authenticated attacker can inject Twig Template to User Photo Location field when setting User Photo Location in User Settings, lead to Remote Code Execution. NOTE: the vendor disputes this because only Administrator...
CVE-2023-30179
CraftCMS version 3.7.59 is vulnerable to Server-Side Template Injection SSTI. An authenticated attacker can inject Twig Template to User Photo Location field when setting User Photo Location in User Settings, lead to Remote Code Execution. NOTE: the vendor disputes this because only Administrator...
CraftCMS 代码注入漏洞
CraftCMS is a content management system from CraftCMS, Inc. A code injection vulnerability exists in CraftCMS version 3.7.59, which stems from susceptibility to a server-side template injection SSTI attack, where an attacker can inject a Twig template into the er Photo Location field when the Use...
CVE-2023-30179
CraftCMS version 3.7.59 is vulnerable to Server-Side Template Injection SSTI. An authenticated attacker can inject Twig Template to User Photo Location field when setting User Photo Location in User Settings, lead to Remote Code Execution. NOTE: the vendor disputes this because only Administrator...
Cross-Site Scripting (XSS)
craftcms/cms is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly sanitize user inputs before it outputs to the front end, allowing an attacker to inject and execute malicious javascript through the reviewSession function in AssetIndexer.ts...
Cross-Site Scripting (XSS)
craftcms/cms is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly sanitize user inputs before it output to the front end, allowing an attacker to inject and execute malicious javascript through the save function in QuickPostWidget.js...