Known Vulnerabilities for Studio by Craftercms
Listed below are 2 of the newest known vulnerabilities associated with "Studio" by "Craftercms".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-31913 json | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Whitebox-Studio Scape scape a... | Not Provided | 2026-03-25 | 2026-03-26 |
| CVE-2026-30463 json | Daylight Studio FuelCMS v1.5.2 was discovered to contain a SQL injection vulnerability via the /controllers/Login.php compone... | Not Provided | 2026-03-26 | 2026-03-27 |
| CVE-2026-30460 json | Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability in the Bl... | Not Provided | 2026-04-07 | 2026-04-09 |
| CVE-2026-30458 json | An issue in Daylight Studio FuelCMS v1.5.2 allows attackers to exfiltrate users' password reset tokens via a mail splitting a... | Not Provided | 2026-03-26 | 2026-03-28 |
| CVE-2026-30457 json | An issue in the /parser/dwoo component of Daylight Studio FuelCMS v1.5.2 allows attackers to execute arbitrary code via craft... | Not Provided | 2026-03-26 | 2026-03-28 |
| CVE-2026-5709 json | Unsanitized input in the FileBrowser API in AWS Research and Engineering Studio (RES) version 2024.10 through 2025.12.01 migh... | Not Provided | 2026-04-06 | 2026-04-07 |
| CVE-2026-5708 json | Unsanitized control of user-modifiable attributes in the session creation component in AWS Research and Engineering Studio (R... | Not Provided | 2026-04-06 | 2026-04-07 |
| CVE-2026-5707 json | Unsanitized input in an OS command in the virtual desktop session name handling in AWS Research and Engineering Studio (RES)�... | Not Provided | 2026-04-06 | 2026-04-07 |
| CVE-2025-62923 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Debuggers Studio Marque... | Not Provided | 2025-10-27 | 2026-04-01 |
| CVE-2025-59553 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Coderz Studio Custom iF... | Not Provided | 2025-09-22 | 2026-04-01 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Craftercms | Studio | 3.1.9 | |||
| Application | Craftercms | Studio | 3.1.8 | |||
| Application | Craftercms | Studio | 3.1.7 | |||
| Application | Craftercms | Studio | 3.1.6 | |||
| Application | Craftercms | Studio | 3.1.5 | |||
| Application | Craftercms | Studio | 3.1.4 | |||
| Application | Craftercms | Studio | 3.1.3 | |||
| Application | Craftercms | Studio | 3.1.2 | |||
| Application | Craftercms | Studio | 3.1.1 | |||
| Application | Craftercms | Studio | 3.1.0 | |||
| Application | Craftercms | Studio | 3.0.9 | |||
| Application | Craftercms | Studio | 3.0.8 | |||
| Application | Craftercms | Studio | 3.0.7 | |||
| Application | Craftercms | Studio | 3.0.6 | |||
| Application | Craftercms | Studio | 3.0.5 | |||
| Application | Craftercms | Studio | 3.0.4 | |||
| Application | Craftercms | Studio | 3.0.3 | |||
| Application | Craftercms | Studio | 3.0.27 | |||
| Application | Craftercms | Studio | 3.0.26 | |||
| Application | Craftercms | Studio | 3.0.25 |