搜索结果
关于「craft_cms」的漏洞数据
| AVD编号 | 漏洞名称 | 漏洞类型 | 披露时间 | 漏洞状态 |
|---|---|---|---|---|
| AVD-2026-33160 | Craft CMS 鉴权绕过导致私有资源泄露(CVE-2026-33160) | 2026-03-25 | ||
| AVD-2026-33161 | Craft CMS 鉴权缺失导致私有资源信息泄露(CVE-2026-33161) | 2026-03-25 | ||
| AVD-2026-33162 | Craft CMS 权限绕过漏洞(CVE-2026-33162) | 2026-03-25 | ||
| AVD-2026-33157 | Craft CMS 5.6.x RCE漏洞(修复绕过)(CVE-2026-33157) | 2026-03-25 | ||
| AVD-2026-33158 | Craft CMS 越权读取私有资源漏洞(CVE-2026-33158) | 2026-03-25 | ||
| AVD-2026-33159 | Craft CMS 未授权配置同步漏洞(CVE-2026-33159) | 2026-03-25 | ||
| AVD-2026-33051 | Craft CMS 5.9.x 存储型XSS导致提权漏洞(CVE-2026-33051) | 2026-03-20 | ||
| AVD-2026-32264 | Craft CMS 行为注入远程代码执行漏洞(CVE-2026-32264) | 2026-03-17 | ||
| AVD-2026-32267 | Craft CMS 4/5 越权提权漏洞(CVE-2026-32267) | 2026-03-17 | ||
| AVD-2026-32262 | Craft CMS 任意文件删除漏洞(CVE-2026-32262) | 2026-03-17 | ||
| AVD-2026-32263 | Craft CMS 5.6.x-5.9.x 属性注入致RCE漏洞(CVE-2026-32263) | 2026-03-17 | ||
| AVD-2026-31857 | Craft CMS 模板注入导致的远程代码执行漏洞(CVE-2026-31857) | 2026-03-12 | ||
| AVD-2026-31859 | Craft CMS 协议过滤缺失反射型XSS(CVE-2026-31859) | 2026-03-12 | ||
| AVD-2026-31858 | Craft CMS < 5.9.9 SQL注入漏洞(CVE-2026-31858) | 2026-03-12 | ||
| AVD-2026-29113 | Craft CMS 预览令牌 CSRF 漏洞(CVE-2026-29113) | 2026-03-11 | ||
| AVD-2026-29069 | Craft CMS 待处理用户激活接口未授权访问漏洞(CVE-2026-29069) | 2026-03-05 | ||
| AVD-2026-28782 | Craft CMS 越权复制条目漏洞(CVE-2026-28782) | 2026-03-05 | ||
| AVD-2026-28696 | 通过 GraphQL @parseRefs 受 IDOR 影响的 Craft (CVE-2026-28696) | 2026-03-05 | ||
| AVD-2026-28781 | Craft CMS 身份伪造批量赋值漏洞(CVE-2026-28781) | 2026-03-05 | ||
| AVD-2026-28784 | Craft CMS Twig map 过滤器远程代码执行漏洞(CVE-2026-28784) | 2026-03-05 | ||
| AVD-2026-28783 | Craft CMS Twig 箭头函数绕过 RCE 漏洞(CVE-2026-28783) | 2026-03-05 | ||
| AVD-2026-28697 | Craft CMS SSTI 远程代码执行漏洞(CVE-2026-28697) | 2026-03-05 | ||
| AVD-2026-28695 | 通过 Twig SSTI 受身份验证的 RCE 影响的工艺 - create() 函数 + Symfony Process 小工具 (CVE-2026-28695) | 2026-03-05 | ||
| AVD-2026-27128 | craftcms craft cms-5.0.0检查时间与使用时间(TOCTOU)的竞争条件漏洞(CVE-2026-27128) | 2026-02-24 | ||
| AVD-2026-27127 | craftcms craft cms-5.0.0检查时间与使用时间(TOCTOU)的竞争条件漏洞(CVE-2026-27127) | 2026-02-24 | ||
| AVD-2026-27126 | Craft CMS 通过“HTML”列类型在表字段中存储了 XSS (CVE-2026-27126) | 2026-02-24 | ||
| AVD-2026-27129 | 通过 IPv6 解析绕过云元数据 SSRF 保护 (CVE-2026-27129) | 2026-02-24 | ||
| AVD-2026-25495 | Craft CMS SQL注入漏洞(CVE-2026-25495) | 2026-02-10 | ||
| AVD-2026-25498 | Craft CMS 安全漏洞(CVE-2026-25498) | 2026-02-10 | ||
| AVD-2026-25496 | Craft CMS 跨站脚本漏洞(CVE-2026-25496) | 2026-02-10 |