4 matches found
GHSA-FP5J-J7J4-MCXC CraftCMS has an RCE vulnerability via relational conditionals in the control panel
A Remote Code Execution vulnerability exists in the Craft CMS 5 conditions system. The BaseElementSelectConditionRule::getElementIds method passes user-controlled string input through renderObjectTemplate -- an unsandboxed Twig rendering function with escaping disabled. Any authenticated Control...
CVE-2025-12840
creationtimestamp| type| source ---|---|--- 2025-11-11 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-991/ 2026-01-26 11:26:56+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mdd56ezxo22q...
CVE-2018-0619
Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
SQL Injection Vulnerability in Rice CMS v5.99
DAMI CMS is a free open-source, fast, simple PC station and cell phone station integration integration system, is committed to providing users with simple, fast PC station and smartphone station building solutions. There is a SQL injection vulnerability in the back-end of DAMI CMS v5.99, which ca...