Filtered by vendor Concretecms
Subscriptions
Filtered by product Concrete Cms
Subscriptions
Total
81 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-40097 | 1 Concretecms | 1 Concrete Cms | 2021-10-01 | 8.8 High |
An issue was discovered in Concrete CMS through 8.5.5. Authenticated path traversal leads to to remote code execution via uploaded PHP code, related to the bFilename parameter. | ||||
CVE-2021-40098 | 1 Concretecms | 1 Concrete Cms | 2021-10-01 | 9.8 Critical |
An issue was discovered in Concrete CMS through 8.5.5. Path Traversal leading to RCE via external form by adding a regular expression. | ||||
CVE-2021-40103 | 1 Concretecms | 1 Concrete Cms | 2021-10-01 | 7.5 High |
An issue was discovered in Concrete CMS through 8.5.5. Path Traversal can lead to Arbitrary File Reading and SSRF. | ||||
CVE-2021-40105 | 1 Concretecms | 1 Concrete Cms | 2021-10-01 | 6.1 Medium |
An issue was discovered in Concrete CMS through 8.5.5. There is XSS via Markdown Comments. | ||||
CVE-2021-40106 | 1 Concretecms | 1 Concrete Cms | 2021-10-01 | 6.1 Medium |
An issue was discovered in Concrete CMS through 8.5.5. There is unauthenticated stored XSS in blog comments via the website field. | ||||
CVE-2021-40102 | 1 Concretecms | 1 Concrete Cms | 2021-09-30 | 9.1 Critical |
An issue was discovered in Concrete CMS through 8.5.5. Arbitrary File deletion can occur via PHAR deserialization in is_dir (PHP Object Injection associated with the __wakeup magic method). | ||||
CVE-2021-40100 | 1 Concretecms | 1 Concrete Cms | 2021-09-30 | 5.4 Medium |
An issue was discovered in Concrete CMS through 8.5.5. Stored XSS can occur in Conversations when the Active Conversation Editor is set to Rich Text. | ||||
CVE-2021-40099 | 1 Concretecms | 1 Concrete Cms | 2021-09-30 | 7.2 High |
An issue was discovered in Concrete CMS through 8.5.5. Fetching the update json scheme over HTTP leads to remote code execution. | ||||
CVE-2021-22950 | 1 Concretecms | 1 Concrete Cms | 2021-09-30 | 6.5 Medium |
Concrete CMS prior to 8.5.6 had a CSFR vulnerability allowing attachments to comments in the conversation section to be deleted.Credit for discovery: "Solar Security Research Team" | ||||
CVE-2021-40109 | 1 Concretecms | 1 Concrete Cms | 2021-09-30 | 6.4 Medium |
A SSRF issue was discovered in Concrete CMS through 8.5.5. Users can access forbidden files on their local network. A user with permissions to upload files from external sites can upload a URL that redirects to an internal resource of any file type. The redirect is followed and loads the contents of the file from the redirected-to server. Files of disallowed types can be uploaded. | ||||
CVE-2021-40108 | 1 Concretecms | 1 Concrete Cms | 2021-09-30 | 8.8 High |
An issue was discovered in Concrete CMS through 8.5.5. The Calendar is vulnerable to CSRF. ccm_token is not verified on the ccm/calendar/dialogs/event/add/save endpoint. | ||||
CVE-2021-36766 | 1 Concretecms | 1 Concrete Cms | 2021-09-22 | 7.2 High |
Concrete5 through 8.5.5 deserializes Untrusted Data. The vulnerable code is located within the controllers/single_page/dashboard/system/environment/logging.php Logging::update_logging() method. User input passed through the logFile request parameter is not properly sanitized before being used in a call to the file_exists() PHP function. This can be exploited by malicious users to inject arbitrary PHP objects into the application scope (PHP Object Injection via phar:// stream wrapper), allowing them to carry out a variety of attacks, such as executing arbitrary PHP code. | ||||
CVE-2021-3111 | 1 Concretecms | 1 Concrete Cms | 2021-07-22 | 4.8 Medium |
The Express Entries Dashboard in Concrete5 8.5.4 allows stored XSS via the name field of a new data object at an index.php/dashboard/express/entries/view/ URI. | ||||
CVE-2018-19146 | 1 Concretecms | 1 Concrete Cms | 2021-07-15 | N/A |
Concrete5 8.4.3 has XSS because config/concrete.php allows uploads (by administrators) of SVG files that may contain HTML data with a SCRIPT element. | ||||
CVE-2011-3183 | 1 Concretecms | 1 Concrete Cms | 2021-07-15 | 6.1 Medium |
A Cross-Site Scripting (XSS) vulnerability exists in the rcID parameter in Concrete CMS 5.4.1.1 and earlier. | ||||
CVE-2014-9526 | 2 Concrete5, Concretecms | 2 Concrete5, Concrete Cms | 2021-07-15 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in concrete5 5.7.2.1, 5.7.2, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gName parameter in single_pages/dashboard/users/groups/bulkupdate.php or (2) instance_id parameter in tools/dashboard/sitemap_drag_request.php. | ||||
CVE-2015-4724 | 1 Concretecms | 1 Concrete Cms | 2021-07-15 | N/A |
SQL injection vulnerability in Concrete5 5.7.3.1. | ||||
CVE-2015-4721 | 1 Concretecms | 1 Concrete Cms | 2021-07-15 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Concrete5 5.7.3.1. | ||||
CVE-2018-13790 | 1 Concretecms | 1 Concrete Cms | 2021-07-15 | 7.2 High |
A Server Side Request Forgery (SSRF) vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on the local network and mapping of the internal network, because of URL functionality on the File Manager page. | ||||
CVE-2017-7725 | 1 Concretecms | 1 Concrete Cms | 2021-07-15 | 6.1 Medium |
concrete5 8.1.0 places incorrect trust in the HTTP Host header during caching, if the administrator did not define a "canonical" URL on installation of concrete5 using the "Advanced Options" settings. Remote attackers can make a GET request with any domain name in the Host header; this is stored and allows for arbitrary domains to be set for certain links displayed to subsequent visitors, potentially an XSS vector. |