Craftcms ≫ Craft Cms

Craft CMS before 3.1.31 does not properly filter XML feeds and thus allowing XSS.

Craft CMS through 3.0.34 allows remote authenticated administrators to read sensitive information via server-side template injection, as demonstrated by a {% string for craft.app.config.DB.user and craft.app.config.DB.password in the URI Format of th...

index.php?p=admin/actions/entries/save-entry in Craft CMS 3.0.25 allows XSS by saving a new title from the console tab.

Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP code by using the "Assets->Upload files" screen and then the "Replace it" option, because this allows a .jpg file to have embedded PHP code, and then be renamed to a .php extension.

Craft CMS before 2.6.2982 allows for a potential XSS attack vector by uploading a malicious SVG file.

Craft CMS before 2.6.2976 does not properly restrict viewing the contents of files in the craft/app/ folder.

Craft CMS before 2.6.2976 allows XSS attacks because an array returned by HttpRequestService::getSegments() and getActionSegments() need not be zero-based. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-8052.

Craft CMS before 2.6.2976 does not prevent modification of the URL in a forgot-password email message.

Craft CMS before 2.6.2974 allows XSS attacks.