Craft CMS 4.12.2 and 5.4.3 Remote Code Execution Vulnerabilit
Reporter | Title | Published | Views | Family All 15 |
---|---|---|---|---|
CVE | CVE-2024-52293 | 13 Nov 202416:15 | – | cve |
CVE | CVE-2023-40035 | 23 Aug 202321:15 | – | cve |
Github Security Blog | Craft CMS vulnerable to Potential Remote Code Execution via missing path normalization & Twig SSTI | 13 Nov 202414:16 | – | github |
Github Security Blog | Craft CMS vulnerable to Remote Code Execution via validatePath bypass | 21 Aug 202319:58 | – | github |
OSV | Craft CMS vulnerable to Potential Remote Code Execution via missing path normalization & Twig SSTI | 13 Nov 202414:16 | – | osv |
OSV | CVE-2024-52293 | 13 Nov 202416:15 | – | osv |
OSV | Craft CMS vulnerable to Remote Code Execution via validatePath bypass | 21 Aug 202319:58 | – | osv |
OSV | CVE-2023-40035 | 23 Aug 202321:15 | – | osv |
Cvelist | CVE-2024-52293 Craft has a Potential Remote Code Execution via missing path normalization & Twig SSTI | 13 Nov 202416:04 | – | cvelist |
Cvelist | CVE-2023-40035 Craft CMS vulnerable to Remote Code Execution via validatePath bypass | 23 Aug 202320:05 | – | cvelist |
[
{
"cpes": [
"cpe:2.3:a:craftcms:craft_cms:*:*:*:*:*:*:*:*"
],
"vendor": "craftcms",
"product": "craft_cms",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "4.0.0-RC1"
},
{
"status": "affected",
"version": "0",
"lessThan": "4.12.2",
"versionType": "custom"
},
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "5.0.0-RC1"
},
{
"status": "affected",
"version": "0",
"lessThan": "5.4.3",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo