CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Craftycontrol: >> Crafty Controller Security Vulnerabilities

CVE-2025-5990

An input neutralization vulnerability in the Server Name form and API Key form components of Crafty Controller allows a remote, authenticated attacker to perform stored XSS via malicious form input.

CVSS Score

7.6

EPSS Score

0.0

Published

2025-06-15

CVE-2024-1064

A host header injection vulnerability in the HTTP handler component of Crafty Controller allows a remote, unauthenticated attacker to trigger a Denial of Service (DoS) condition via a modified host header

CVSS Score

7.5

EPSS Score

0.006

Published

2024-02-03

Page 1

Vulnerabilities

Vulnerable Software

Craftycontrol: >> Crafty Controller Security Vulnerabilities

Products

Pricing

Contact Us