craftycontrol crafty_controller CVE 漏洞(7)

CVE 数: 7 CPE versions: View versions table

摘要

本页列出影响 craftycontrol crafty_controller 的已公开 CVE 漏洞(通过 NVD CPE 关联)。每行包含严重程度评分、摘要与发布日期,便于识别与分析安全问题。

显示 177 CVE 数
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
CVE 摘要 来源 最高 CVSS EPSS % 公开时间 更新时间
CVE-2026-5652 An insecure direct object reference vulnerability in the Users API component of Crafty Controller allows a remote, authenticated attacker to perform user modification actions via improper API permissions validation. [email protected] 9.0 0.44% 2026-04-21 2026-06-17
CVE-2026-0963 An input neutralization vulnerability in the File Operations API Endpoint component of Crafty Controller allows a remote, authenticated attacker to perform file tampering and remote code execution via path traversal. [email protected] 9.9 0.68% 2026-01-30 2026-06-17
CVE-2026-0805 An input neutralization vulnerability in the Backup Configuration component of Crafty Controller allows a remote, authenticated attacker to perform file tampering and remote code execution via path traversal. [email protected] 8.2 0.60% 2026-01-30 2026-06-17
CVE-2025-14701 An input neutralization vulnerability in the Server MOTD component of Crafty Controller allows a remote, unauthenticated attacker to perform stored XSS via server MOTD modification. [email protected] 7.1 0.24% 2025-12-16 2026-06-17
CVE-2025-14700 An input neutralization vulnerability in the Webhook Template component of Crafty Controller allows a remote, authenticated attacker to perform remote code execution via Server Side Template Injection. [email protected] 9.9 6.00% 2025-12-16 2026-06-17
CVE-2025-5990 An input neutralization vulnerability in the Server Name form and API Key form components of Crafty Controller allows a remote, authenticated attacker to perform stored XSS via malicious form input. [email protected] 7.6 0.16% 2025-06-15 2026-06-17
CVE-2024-1064 A host header injection vulnerability in the HTTP handler component of Crafty Controller allows a remote, unauthenticated attacker to trigger a Denial of Service (DoS) condition via a modified host header [email protected] 7.5 0.81% 2024-02-03 2026-06-17
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
cvelogic Threat Intelligence