12 matches found
EUVD-2021-2427
Malware in sbrugna...
The vulnerability of the Crafter CMS content management system, related to security configuration errors, allows attackers to create, view, and delete search indexes.
The vulnerability of the Crafter CMS content management system is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to create, view, and delete search indexes remotely...
Exposure of Resource to Wrong Sphere in org.craftercms:crafter-search
Installations, where crafter-search is not protected, allow unauthenticated remote attackers to create, view, and delete search indexes...
GHSA-2WR2-8QJQ-GH55 Exposure of Resource to Wrong Sphere in org.craftercms:crafter-search
Installations, where crafter-search is not protected, allow unauthenticated remote attackers to create, view, and delete search indexes...
Crafter CMS licensing issue vulnerability
Crafter CMS is an open source content management system CMS for digital experience applications. Crafter CMS is vulnerable to an authorization issue in versions 3.1 through 3.1.15, which stems from a lack of authentication measures or insufficient authentication strength in the web system or...
CVE-2021-23264
Installations, where crafter-search is not protected, allow unauthenticated remote attackers to create, view, and delete search indexes...
CVE-2021-23264
Installations, where crafter-search is not protected, allow unauthenticated remote attackers to create, view, and delete search indexes...
Code injection
Installations, where crafter-search is not protected, allow unauthenticated remote attackers to create, view, and delete search indexes...
CVE-2021-23264 Transmission of Private Resources into a New Sphere ('Resource Leak') and Exposure of Resource to Wrong Sphere in Crafter Search
Installations, where crafter-search is not protected, allow unauthenticated remote attackers to create, view, and delete search indexes...
Crafter CMS 安全漏洞
Crafter CMS is an open source content management system CMS for digital experience applications. Crafter CMS is vulnerable to an authorization issue in versions 3.1 through 3.1.15, which stems from a lack of authentication measures or insufficient authentication strength in the web system or...
Search API attachments - Critical - Arbitrary PHP code execution - SA-CONTRIB-2021-034
This module enables you to extract the textual content of files for use on a website, e.g. to display it or use it in search indexes. The module doesn't sufficiently protect the administrator-defined commands that are executed on the server, which leads to post-authentication remote code executio...
zekerenmobiel.nl XSS vulnerability
Open Bug Bounty ID: OBB-591677 Description| Value ---|--- Affected Website:| zekerenmobiel.nl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...