VYPR

CTFd

by CTFd

Source repositories

CVEs (7)

  • CVE-2026-30345HigMar 18, 2026
    risk 0.49cvss 7.5epss 0.00

    A zip slip vulnerability in the Admin import functionality of CTFd v3.8.1-18-gdb5a18c4 allows attackers to write arbitrary files outside the intended directories via supplying a crafted import.

  • CVE-2024-46242HigJan 7, 2025
    risk 0.49cvss 7.5epss 0.01

    An issue in the validate_email function in CTFd/utils/validators/__init__.py of CTFd 3.7.3 allows attackers to cause a Regular expression Denial of Service (ReDoS) via supplying a crafted string as e-mail address during registration.

  • CVE-2024-11717MedJan 2, 2025
    risk 0.41cvss epss 0.01

    Tokens in CTFd used for account activation and password resetting can be used interchangeably for these operations. When used, they are sent to the server as a GET parameter and they are not single use, which means, that during token expiration time an on-path attacker might…

  • CVE-2025-23001MedJan 31, 2025
    risk 0.40cvss 6.1epss 0.00

    A Host header injection vulnerability exists in CTFd 3.7.5, due to the application failing to properly validate or sanitize the Host header. An attacker can manipulate the Host header in HTTP requests, which may lead to phishing attacks, reset password, or cache poisoning. NOTE:…

  • CVE-2024-11716MedJan 2, 2025
    risk 0.35cvss epss 0.12

    While assignment of a user to a team (bracket) in CTFd should be possible only once, at the registration, a flaw in logic implementation allows an authenticated user to reset it's bracket and then pick a new one, joining another team while a competition is already ongoing.…

  • CVE-2024-42988MedOct 9, 2024
    risk 0.21cvss 4.3epss 0.00

    Lack of access control in ChallengeSolves (/api/v1/challenges//solves) of CTFd v2.0.0 - v3.7.2 allows authenticated users to retrieve a list of users who have solved the challenge, regardless of the Account Visibility settings. The issue is fixed in v3.7.3+.

  • CVE-2020-7245CriJan 23, 2020
    risk 0.00cvss 9.8epss 0.01

    Incorrect username validation in the registration process of CTFd v2.0.0 - v2.2.2 allows an attacker to take over an arbitrary account if the username is known and emails are enabled on the CTFd instance. To exploit the vulnerability, one must register with a username identical…