Max CVSS 4.0 Min CVSS 3.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2018-20465 4.0
Craft CMS through 3.0.34 allows remote authenticated administrators to read sensitive information via server-side template injection, as demonstrated by a {% string for craft.app.config.DB.user and craft.app.config.DB.password in the URI Format of th
03-10-2019 - 00:03 25-12-2018 - 23:29
CVE-2018-20418 3.5
index.php?p=admin/actions/entries/save-entry in Craft CMS 3.0.25 allows XSS by saving a new title from the console tab.
16-03-2019 - 01:52 24-12-2018 - 04:29
Back to Top Mark selected
Back to Top