Vulnerabilidades en craftcms
99 resultadosCVE-2025-32432CRITICALCraft CMS Allows Remote Code ExecutionEPSS 99.7%KEVCVE-2024-56145CRITICALRCE when PHP `register_argc_argv` config setting is enabled in craftcms/cmsEPSS 97.4%KEVCVE-2023-41892CRITICALCraft CMS Remote Code Execution vulnerabilityEPSS 92.9%CVE-2026-32267HIGHCraft CMS Vulnerable to Privilege Escalation/Bypass through UsersController->actionImpersonateWithToken()EPSS 7.7%CVE-2025-23209HIGHPotential RCE with a compromised security key in craft/cmsEPSS 4.1%KEVCVE-2023-40035HIGHCraft CMS vulnerable to Remote Code Execution via validatePath bypassEPSS 1.9%CVE-2023-32679HIGHRemote Code Execution via unrestricted file extension in Craft CMSEPSS 1.8%CVE-2024-52293HIGHCraft has a Potential Remote Code Execution via missing path normalization & Twig SSTIEPSS 1.3%CVE-2025-46731HIGHCraft CMS Contains a Potential Remote Code Execution Vulnerability via Twig SSTIEPSS 1.2%CVE-2024-52291HIGHCraft has a Local File System Validation Bypass Leading to File Overwrite, Sensitive File Access, and Potential Code ExecutionEPSS 1.1%CVE-2026-28697CRITICALCraft Affected by Authenticated RCE via "craft.app.fs.write()" in Twig TemplatesEPSS 1.1%CVE-2026-33157HIGHCraft CMS: Potential authenticated Remote Code Execution via malicious attached BehaviorEPSS 1.0%CVE-2026-25498HIGHCraft has a potential authenticated Remote Code Execution via malicious attached BehaviorEPSS 1.0%CVE-2025-68455HIGHCraft CMS vulnerable to potential authenticated Remote Code Execution via malicious attached BehaviorEPSS 0.8%CVE-2025-57811MEDIUMCraft Potential Remote Code Execution via Twig SSTIEPSS 0.8%CVE-2023-23927MEDIUMCraft CMS stored cross-site scripting vulnerabilityEPSS 0.8%CVE-2025-68454MEDIUMCraft CMS vulnerable to potential authenticated Remote Code Execution via Twig SSTIEPSS 0.8%CVE-2023-33197MEDIUMCraft CMS stored XSS in indexedVolumesEPSS 0.7%CVE-2026-31857HIGHCraftCMS has an RCE vulnerability via relational conditionals in the control panelEPSS 0.7%CVE-2024-52292HIGHCraft Allows Attackers to Read Arbitrary System FilesEPSS 0.7%