Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2021-2427

Malware in sbrugna...

9.1CVSS9.1AI score0.0114EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/01/04 12:0 a.m.5 views

The vulnerability of the Crafter CMS content management system, related to security configuration errors, allows attackers to create, view, and delete search indexes.

The vulnerability of the Crafter CMS content management system is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to create, view, and delete search indexes remotely...

10CVSS7.7AI score0.0114EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2021/12/16 3:27 p.m.21 views

Exposure of Resource to Wrong Sphere in org.craftercms:crafter-search

Installations, where crafter-search is not protected, allow unauthenticated remote attackers to create, view, and delete search indexes...

9.1CVSS6.3AI score0.0114EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2021/12/16 3:27 p.m.17 views

GHSA-2WR2-8QJQ-GH55 Exposure of Resource to Wrong Sphere in org.craftercms:crafter-search

Installations, where crafter-search is not protected, allow unauthenticated remote attackers to create, view, and delete search indexes...

9.1CVSS9.3AI score0.0114EPSS
Exploits0References3
CNVD
CNVD
added 2021/12/04 12:0 a.m.22 views

Crafter CMS licensing issue vulnerability

Crafter CMS is an open source content management system CMS for digital experience applications. Crafter CMS is vulnerable to an authorization issue in versions 3.1 through 3.1.15, which stems from a lack of authentication measures or insufficient authentication strength in the web system or...

9.1CVSS3AI score0.0114EPSS
Exploits0References1
NVD
NVD
added 2021/12/02 4:15 p.m.20 views

CVE-2021-23264

Installations, where crafter-search is not protected, allow unauthenticated remote attackers to create, view, and delete search indexes...

9.1CVSS0.0114EPSS
Exploits0References1
OSV
OSV
added 2021/12/02 4:15 p.m.11 views

CVE-2021-23264

Installations, where crafter-search is not protected, allow unauthenticated remote attackers to create, view, and delete search indexes...

9.1CVSS7.1AI score
Exploits0References1
Prion
Prion
added 2021/12/02 4:15 p.m.12 views

Code injection

Installations, where crafter-search is not protected, allow unauthenticated remote attackers to create, view, and delete search indexes...

6.4CVSS9.2AI score0.0114EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/12/02 3:40 p.m.21 views

CVE-2021-23264 Transmission of Private Resources into a New Sphere ('Resource Leak') and Exposure of Resource to Wrong Sphere in Crafter Search

Installations, where crafter-search is not protected, allow unauthenticated remote attackers to create, view, and delete search indexes...

8.1CVSS9.5AI score0.0114EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/12/02 12:0 a.m.6 views

Crafter CMS 安全漏洞

Crafter CMS is an open source content management system CMS for digital experience applications. Crafter CMS is vulnerable to an authorization issue in versions 3.1 through 3.1.15, which stems from a lack of authentication measures or insufficient authentication strength in the web system or...

9.1CVSS5.7AI score0.0114EPSS
Exploits0References3
Drupal
Drupal
added 2021/09/22 12:0 a.m.27 views

Search API attachments - Critical - Arbitrary PHP code execution - SA-CONTRIB-2021-034

This module enables you to extract the textual content of files for use on a website, e.g. to display it or use it in search indexes. The module doesn't sufficiently protect the administrator-defined commands that are executed on the server, which leads to post-authentication remote code executio...

7.6AI score
Exploits0References7
Openbugbounty
Openbugbounty
added 2018/03/26 1:2 a.m.14 views

zekerenmobiel.nl XSS vulnerability

Open Bug Bounty ID: OBB-591677 Description| Value ---|--- Affected Website:| zekerenmobiel.nl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Rows per page
Query Builder