Package impact
Packagist / craftcms/cms
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-9516 | medium | 5.4 | 6.4 | 9y ago | Craft CMS XSS Vulnerability | |||
| CVE-2025-32432 | unknown | — | 2.5 | 1y ago | Craft CMS contains a code injection vulnerability that allows a remote attacker to execute arbitrary code. | |||
| CVE-2024-56145 | unknown | — | 2.5 | 2y ago | Craft CMS contains a code injection vulnerability. Users with affected versions are vulnerable to remote code execution if their php.ini configuration has `register_argc_argv` enabled. | |||
| CVE-2023-41892 | unknown | — | 1.0 | 3y ago | Craft CMS Remote Code Execution vulnerability | |||
| CVE-2018-20418 | unknown | — | 1.0 | 4y ago | Craft CMS Cross-site Scripting (XSS) Vulnerability |