Vulnerabilities > Craftercms
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-06 | CVE-2020-25803 | Improper Control of Dynamically-Managed Code Resources vulnerability in Craftercms Studio Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker template exposed objects. | 9.0 |
2020-10-06 | CVE-2020-25802 | Improper Control of Dynamically-Managed Code Resources vulnerability in Craftercms Studio Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy scripting. | 9.0 |
2018-12-06 | CVE-2018-19907 | OS Command Injection vulnerability in Craftercms Crafter CMS A Server-Side Template Injection issue was discovered in Crafter CMS 3.0.18. | 8.8 |