Known vulnerabilities in Pixel & Tonic, Inc. Craft CMS - page 2

Website: https://craftcms.com/
Total Security Bulletins: 56

Security bulletins (56)

Secuity bulletin Severity Status Published
SB2025060309: Improper input validation in Craft CMS Medium
Patched Exploited
03.06.2025
SB2025050549: Authenticated SSTI in Craft CMS Low
Patched Public exploit
05.05.2025
SB2025042834: Remote code execution in Craft CMS Critical
Patched Exploited
28.04.2025
SB2025010620: Remote code execution in Craft CMS High
Patched Exploited
06.01.2025
SB2024121837: Remote code execution in Craft CMS High
Patched Exploited
18.12.2024
SB2024111363: Input validation error in Craft CMS Low
Patched
13.11.2024
SB2024111362: Path traversal in Craft CMS Low
Patched
13.11.2024
SB2024111364: Files or Directories Accessible to External Parties in Craft CMS Low
Patched
13.11.2024
SB2024072609: Insufficient Session Expiration in Craft CMS Medium
Patched
26.07.2024
SB2024050924: Multiple vulnerabilities in Craft CMS Low
Patched
09.05.2024
SB2024030712: Server-side template injection in Craft CMS Medium
Patched
07.03.2024
SB2024021508: Craft CMS update for composer Low
Patched
15.02.2024
SB2024010423: Privilege escalation in Craft CMS High
Patched
04.01.2024
SB2024010422: Privilege escalation in Craft CMS High
Patched
04.01.2024
SB2024010314: Privilege escalation in Craft CMS Medium
Patched
03.01.2024
SB2023101838: Remote code execution in Craft CMS High
Patched
18.10.2023
SB2023091461: Remote code execution in Craft CMS High
Patched Public exploit
14.09.2023
SB20230821232: Security restrictions bypass in Craft CMS Low
Patched
21.08.2023
SB2023081020: Information disclosure in Craft CMS Medium
Patched
10.08.2023
SB2023071928: Remote code execution in Craft CMS High
Patched
19.07.2023


Showing elements 21 - 40 out of 56