Lucene search
K

4 matches found

OSV
OSV
added 2026/03/11 2:56 p.m.6 views

GHSA-FP5J-J7J4-MCXC CraftCMS has an RCE vulnerability via relational conditionals in the control panel

A Remote Code Execution vulnerability exists in the Craft CMS 5 conditions system. The BaseElementSelectConditionRule::getElementIds method passes user-controlled string input through renderObjectTemplate -- an unsandboxed Twig rendering function with escaping disabled. Any authenticated Control...

9.3CVSS5.9AI score0.00665EPSS
Exploits0References4
Circl
Circl
added 2025/11/11 5:0 a.m.7 views

CVE-2025-12840

creationtimestamp| type| source ---|---|--- 2025-11-11 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-991/ 2026-01-26 11:26:56+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mdd56ezxo22q...

7.8CVSS7.3AI score0.00158EPSS
Exploits0References2
OSV
OSV
added 2018/07/26 5:29 p.m.3 views

CVE-2018-0619

Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

7.8CVSS5.8AI score0.00794EPSS
Exploits0References1
CNVD
CNVD
added 2017/12/14 12:0 a.m.3 views

SQL Injection Vulnerability in Rice CMS v5.99

DAMI CMS is a free open-source, fast, simple PC station and cell phone station integration integration system, is committed to providing users with simple, fast PC station and smartphone station building solutions. There is a SQL injection vulnerability in the back-end of DAMI CMS v5.99, which ca...

8AI score
Exploits0
Rows per page
Query Builder