craftycontrol crafty_controller CVE 漏洞(7)

CVE 數: 7 CPE versions: View versions table

摘要

本頁列出影響 craftycontrol crafty_controller 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。

顯示 177 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2026-5652 An insecure direct object reference vulnerability in the Users API component of Crafty Controller allows a remote, authenticated attacker to perform user modification actions via improper API permissions validation. [email protected] 9.0 0.44% 2026-04-21 2026-06-17
CVE-2026-0963 An input neutralization vulnerability in the File Operations API Endpoint component of Crafty Controller allows a remote, authenticated attacker to perform file tampering and remote code execution via path traversal. [email protected] 9.9 0.68% 2026-01-30 2026-06-17
CVE-2026-0805 An input neutralization vulnerability in the Backup Configuration component of Crafty Controller allows a remote, authenticated attacker to perform file tampering and remote code execution via path traversal. [email protected] 8.2 0.60% 2026-01-30 2026-06-17
CVE-2025-14701 An input neutralization vulnerability in the Server MOTD component of Crafty Controller allows a remote, unauthenticated attacker to perform stored XSS via server MOTD modification. [email protected] 7.1 0.24% 2025-12-16 2026-06-17
CVE-2025-14700 An input neutralization vulnerability in the Webhook Template component of Crafty Controller allows a remote, authenticated attacker to perform remote code execution via Server Side Template Injection. [email protected] 9.9 6.00% 2025-12-16 2026-06-17
CVE-2025-5990 An input neutralization vulnerability in the Server Name form and API Key form components of Crafty Controller allows a remote, authenticated attacker to perform stored XSS via malicious form input. [email protected] 7.6 0.16% 2025-06-15 2026-06-17
CVE-2024-1064 A host header injection vulnerability in the HTTP handler component of Crafty Controller allows a remote, unauthenticated attacker to trigger a Denial of Service (DoS) condition via a modified host header [email protected] 7.5 0.81% 2024-02-03 2026-06-17
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence