Filter
-Infinity
0
Crafter CMSTransmission of Private Resources into a New Sphere ('Resource Leak') and Exposure of Resource to Wrong Sphere in Crafter Search
9.1
First published (updated )
maven/org.craftercms:crafter-studioImproper Control of Dynamically-Managed Code Resources in Crafter Studio
First published (updated )
Crafter CMSAuthenticated attackers with developer privileges in Crafter Studio may execute OS commands via deep inspection of FreeMarker template exposed objects.
First published (updated )
Crafter CMSAuthenticated attackers with developer privileges in Crafter Studio may execute OS commands via Groovy scripting.
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Crafter CMSCrafter CMS Crafter Studio 3.0.1 is affected by: XML External Entity (XXE). An unauthenticated attac…
8.6
First published (updated )
Crafter CMSIn Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specia…
8.6
First published (updated )
Crafter CMSTransmission of Private Resources into a New Sphere ('Resource Leak') in Crafter Engine
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.craftercms:crafter-studioImproper Control of Dynamically-Managed Code Resources in Crafter Studio
7.2
First published (updated )
Crafter CMSSnakeyaml deserialization vulnerability bypass
7.2
First published (updated )
Crafter CMSImproper Control of Dynamically-Managed Code Resources in Crafter Studio
7.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Crafter CMSImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Crafter Studio
7.2
First published (updated )
Crafter CMSStored XSS Vulnerability in File Name of the File Upload function
6.5
First published (updated )
Crafter CMSIn Crafter CMS Crafter Studio 3.0.1 an IDOR vulnerability exists which allows unauthenticated attack…
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Crafter CMSOverriding the system configuration file causes a denial of service
4.9
First published (updated )
Crafter CMSImproper Output Neutralization for Logs in Crafter Studio
4.3
First published (updated )
Crafter CMSImproper Privilege Management in Crafter Studio
4.3
First published (updated )