← Back to Search

Craft CMS

2025-02-20 · Severity 5/10 — Medium · Web_app_exploit
Incident Summary

Craft CMS contains a code injection vulnerability caused by improper validation of the database backup path, ultimately enabling remote code execution.

Sources
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Details
Records Affected
Unknown
Industry
Technology
Headquarters
Date Reported
2025-02-20
Related Breaches
Craft CMS
2026-03-20 · Severity 7 · Vulnerability