Filtered by vendor Concretecms
Subscribe
Total
84 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-40105 | 1 Concretecms | 1 Concrete Cms | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in Concrete CMS through 8.5.5. There is XSS via Markdown Comments. | |||||
| CVE-2021-40100 | 1 Concretecms | 1 Concrete Cms | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
| An issue was discovered in Concrete CMS through 8.5.5. Stored XSS can occur in Conversations when the Active Conversation Editor is set to Rich Text. | |||||
| CVE-2021-22967 | 1 Concretecms | 1 Concrete Cms | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| In Concrete CMS (formerly concrete 5) below 8.5.7, IDOR Allows Unauthenticated User to Access Restricted Files If Allowed to Add Message to a Conversation.To remediate this, a check was added to verify a user has permissions to view files before attaching the files to a message in "add / edit messageā.Concrete CMS security team gave this a CVSS v3.1 score of 4.3 AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NCredit for discovery Adrian H | |||||
| CVE-2021-40102 | 1 Concretecms | 1 Concrete Cms | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
| An issue was discovered in Concrete CMS through 8.5.5. Arbitrary File deletion can occur via PHAR deserialization in is_dir (PHP Object Injection associated with the __wakeup magic method). | |||||
| CVE-2021-22951 | 1 Concretecms | 1 Concrete Cms | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| Unauthorized individuals could view password protected files using view_inline in Concrete CMS (previously concrete 5) prior to version 8.5.7. Concrete CMS now checks to see if a file has a password in view_inline and, if it does, the file is not rendered.For version 8.5.6, the following mitigations were put in place a. restricting file types for view_inline to images only b. putting a warning in the file manager to advise users.Credit for discovery: "Solar Security Research Team"Concrete CMS security team CVSS scoring is 5.3: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NThis fix is also in Concrete version 9.0.0 | |||||
| CVE-2021-40108 | 1 Concretecms | 1 Concrete Cms | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Concrete CMS through 8.5.5. The Calendar is vulnerable to CSRF. ccm_token is not verified on the ccm/calendar/dialogs/event/add/save endpoint. | |||||
| CVE-2021-22949 | 1 Concretecms | 1 Concrete Cms | 2024-02-28 | 5.8 MEDIUM | 5.4 MEDIUM |
| A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to duplicate files which can lead to UI inconvenience, and exhaustion of disk space.Credit for discovery: "Solar Security CMS Research Team" | |||||
| CVE-2021-36766 | 1 Concretecms | 1 Concrete Cms | 2024-02-28 | 6.5 MEDIUM | 7.2 HIGH |
| Concrete5 through 8.5.5 deserializes Untrusted Data. The vulnerable code is located within the controllers/single_page/dashboard/system/environment/logging.php Logging::update_logging() method. User input passed through the logFile request parameter is not properly sanitized before being used in a call to the file_exists() PHP function. This can be exploited by malicious users to inject arbitrary PHP objects into the application scope (PHP Object Injection via phar:// stream wrapper), allowing them to carry out a variety of attacks, such as executing arbitrary PHP code. | |||||
| CVE-2021-3111 | 1 Concretecms | 1 Concrete Cms | 2024-02-28 | 3.5 LOW | 4.8 MEDIUM |
| The Express Entries Dashboard in Concrete5 8.5.4 allows stored XSS via the name field of a new data object at an index.php/dashboard/express/entries/view/ URI. | |||||
| CVE-2021-28145 | 1 Concretecms | 1 Concrete Cms | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
| Concrete CMS (formerly concrete5) before 8.5.5 allows remote authenticated users to conduct XSS attacks via a crafted survey block. This requires at least Editor privileges. | |||||
| CVE-2020-11476 | 1 Concretecms | 1 Concrete Cms | 2024-02-28 | 9.0 HIGH | 7.2 HIGH |
| Concrete5 before 8.5.3 allows Unrestricted Upload of File with Dangerous Type such as a .phar file. | |||||
| CVE-2020-24986 | 1 Concretecms | 1 Concrete Cms | 2024-02-28 | 9.0 HIGH | 7.2 HIGH |
| Concrete5 up to and including 8.5.2 allows Unrestricted Upload of File with Dangerous Type such as a .php file via File Manager. It is possible to modify site configuration to upload the PHP file and execute arbitrary commands. | |||||
| CVE-2020-14961 | 1 Concretecms | 1 Concrete Cms | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| Concrete5 before 8.5.3 does not constrain the sort direction to a valid asc or desc value. | |||||
| CVE-2011-3183 | 1 Concretecms | 1 Concrete Cms | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| A Cross-Site Scripting (XSS) vulnerability exists in the rcID parameter in Concrete CMS 5.4.1.1 and earlier. | |||||
| CVE-2018-19146 | 1 Concretecms | 1 Concrete Cms | 2024-02-28 | 3.5 LOW | 4.8 MEDIUM |
| Concrete5 8.4.3 has XSS because config/concrete.php allows uploads (by administrators) of SVG files that may contain HTML data with a SCRIPT element. | |||||
| CVE-2018-13790 | 1 Concretecms | 1 Concrete Cms | 2024-02-28 | 6.5 MEDIUM | 7.2 HIGH |
| A Server Side Request Forgery (SSRF) vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on the local network and mapping of the internal network, because of URL functionality on the File Manager page. | |||||
| CVE-2017-18195 | 1 Concretecms | 1 Concrete Cms | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in tools/conversations/view_ajax.php in Concrete5 before 8.3.0. An unauthenticated user can enumerate comments from all blog posts by POSTing requests to /index.php/tools/required/conversations/view_ajax with incremental 'cnvID' integers. | |||||
| CVE-2015-4724 | 1 Concretecms | 1 Concrete Cms | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| SQL injection vulnerability in Concrete5 5.7.3.1. | |||||
| CVE-2015-4721 | 1 Concretecms | 1 Concrete Cms | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in Concrete5 5.7.3.1. | |||||
| CVE-2017-8082 | 1 Concretecms | 1 Concrete Cms | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| concrete5 8.1.0 has CSRF in Thumbnail Editor in the File Manager, which allows remote attackers to disable the entire installation by merely tricking an admin into viewing a malicious page involving the /tools/required/files/importers/imageeditor?fID=1&imgData= URI. This results in a site-wide denial of service making the site not accessible to any users or any administrators. | |||||