Brad Bell

8 exploits Active since Mar 2021
CVE-2026-29172 (HIGH)
Craft Commerce <4.10.2/5.5.3 - SQL Injection
Craft Commerce is an ecommerce platform for Craft CMS. Prior to 4.10.2 and 5.5.3, Craft Commerce is vulnerable to SQL Injection in the purchasables table endpoint. The sort parameter is split by | and the first part (column name) is passed directly as an array key to orderBy() without whitelist validation. Yii2's query builder does NOT escape array keys, allowing an authenticated attacker to inject arbitrary SQL into the ORDER BY clause. This vulnerability is fixed in 4.10.2 and 5.5.3.
CVSS 8.8
CVE-2026-29173 (MEDIUM)
Craft Commerce <4.10.2/5.5.3 - XSS
Craft Commerce is an ecommerce platform for Craft CMS. Prior to 4.10.2 and 5.5.3, a stored XSS vulnerability exists when a user tries to update the Order Status from the Commerce Orders Table. The Order Status Name is rendered without proper escaping, allowing script execution to occur. This vulnerability is fixed in 4.10.2 and 5.5.3.
CVSS 4.8
CVE-2026-29174 (HIGH)
Craft Commerce <5.5.3 - SQL Injection
Craft Commerce is an ecommerce platform for Craft CMS. Prior to 5.5.3, Craft Commerce is vulnerable to SQL Injection in the inventory levels table data endpoint. The sort[0][direction] and sort[0][sortField] parameters are concatenated directly into an addOrderBy() clause without any validation or sanitization. An authenticated attacker with access to the Commerce Inventory section can inject arbitrary SQL queries, potentially leading to a full database compromise. This vulnerability is fixed in 5.5.3.
CVSS 8.8
CVE-2020-19626 (MEDIUM)
Craftcms Craft Cms < 3.1.33 - XSS
Cross Site Scripting (XSS) vulnerability in craftcms 3.1.31 allows remote attackers to inject arbitrary web script or HTML via /admin/settings/sites/new.
CVSS 5.4
CVE-2023-30177 (MEDIUM)
Craftcms Craft Cms < 3.7.68 - XSS
CraftCMS 3.7.59 is vulnerable to Cross Site Scripting (XSS). An attacker can inject JavaScript code into the Volume Name field.
CVSS 6.1
CVE-2023-40035 (HIGH)
Craftcms Craft Cms < 3.8.15 - Injection
Craft is a CMS for creating custom digital experiences on the web and beyond. Bypassing the validatePath function can lead to potential remote code execution. This vulnerability can lead to malicious control of vulnerable systems and data exfiltration. Although the vulnerability is exploitable only by authenticated users, and only in configurations with ALLOW_ADMIN_CHANGES=true, there is still a potential security threat (Remote Code Execution). This issue has been patched in version 4.4.15 and version 3.8.15.
CVSS 7.2
CVE-2024-21622 (MEDIUM)
Craftcms Craft Cms < 3.9.6 - Improper Privilege Management
Craft is a content management system. This is a potential moderate-impact, low-complexity privilege escalation vulnerability in Craft 3.x prior to 3.9.6 and 4.x prior to 4.4.16 with certain user permission setups. This has been fixed in Craft 4.4.16 and Craft 3.9.6. Users should ensure they are running at least those versions.
CVSS 5.4
CVE-2025-57811 (HIGH)
Craftcms Craft Cms < 4.16.6 - Remote Code Execution
Craft is a platform for creating digital experiences. From versions 4.0.0-RC1 to 4.16.5 and 5.0.0-RC1 to 5.8.6, there is a potential remote code execution vulnerability via Twig SSTI (Server-Side Template Injection). This is a follow-up to CVE-2024-52293. This vulnerability has been patched in versions 4.16.6 and 5.8.7.
CVSS 7.2