146 matches found
Authentication flaw
octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can exploit this vulnerability to bypass authentication and takeover of and user account on an October CMS server. The vulnerability is exploitable by unauthenticated...
Design/Logic Flaw
octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request. The issue has been patched in Build 472 and v1.1.5...
CVE-2021-29487 Authentication bypass in Octobercms
octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can exploit this vulnerability to bypass authentication and takeover of and user account on an October CMS server. The vulnerability is exploitable by unauthenticated...
CVE-2021-29487
CVE-2021-29487 affects the October CMS platform (october/system) and enables an unauthenticated attacker to bypass authentication and take over a frontend user account. The exploit relies on obtaining Laravel’s secret key for cookie encryption/signing. The vulnerability has been patched in Build ...
CVE-2021-32648 Account Takeover in Octobercms
octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request. The issue has been patched in Build 472 and v1.1.5...
CVE-2021-32648 Account Takeover in Octobercms
octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request. The issue has been patched in Build 472 and v1.1.5...
CVE-2021-32648
CVE-2021-32648 affects October CMS (Laravel-based) through the october/system package. An authentication bypass allows an attacker to request a password reset and then take over an account. Patches are available: Build 472 and v1.1.5. Public advisories and CVE trackers consistently describe this ...
CVE-2021-32648
octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request. The issue has been patched in Build 472 and v1.1.5. Recent...
Octobercms 安全漏洞
Octobercms is a Php-based Cms website builder from the US company Octobercms. A security vulnerability exists in octobercms october, which originates in an affected version of the october/system package, where an attacker can request a reset of an account password and then use a specially crafted...
GHSA-FCR8-6Q7R-M4WG Bypass of fix for CVE-2020-26231, Twig sandbox escape
Impact A bypass of CVE-2020-26231 fixed in 1.0.470/471 and 1.1.1 was discovered that has the same impact as CVE-2020-26231 & CVE-2020-15247: An authenticated backend user with the cms.managepages, cms.managelayouts, or cms.managepartials permissions who would normally not be permitted to provide...
Bypass of fix for CVE-2020-26231, Twig sandbox escape
Impact A bypass of CVE-2020-26231 fixed in 1.0.470/471 and 1.1.1 was discovered that has the same impact as CVE-2020-26231 & CVE-2020-15247: An authenticated backend user with the cms.managepages, cms.managelayouts, or cms.managepartials permissions who would normally not be permitted to provide...
Cross-site Scripting (XSS) - Stored in octobercms/library
✍️ Description OctoberCMS uses october/rain library to handle file uploads. Previously it was possible to upload malicious files with HTML content to the CMS via its Media upload feature. This security issue marked as CVE-2020-15249 was fixed in 1.0.469. But it is still possible to upload XML...
Octobercms Code Issues Vulnerabilities
Octobercms is a Php based Cms website builder from Octobercms, Inc. A security vulnerability exists in Octobercms through build 471, which stems from the fact that it reactivates old session IDs when a new login occurs...
Bypass of fix for CVE-2020-15247, Twig sandbox escape
Impact A bypass of CVE-2020-15247 fixed in 1.0.469 and 1.1.0 was discovered that has the same impact as CVE-2020-15247: An authenticated backend user with the cms.managepages, cms.managelayouts, or cms.managepartials permissions who would normally not be permitted to provide PHP code to be execut...
Twig Sandbox Escape by authenticated users with access to editing CMS templates when safemode is enabled.
Impact An authenticated backend user with the cms.managepages, cms.managelayouts, or cms.managepartials permissions who would normally not be permitted to provide PHP code to be executed by the CMS due to cms.enableSafeMode being enabled is able to write specific Twig code to escape the Twig...
GHSA-RFJC-XRMF-5VVW Privilege escalation by backend users assigned to the default "Publisher" system role
Impact Backend users with the default "Publisher" system role have access to create & manage users where they can choose which role the new user has. This means that a user with "Publisher" access has the ability to escalate their access to "Developer" access. Patches Issue has been patched in...
Reliance on Cookies without validation in OctoberCMS
Impact Previously encrypted cookie values were not tied to the name of the cookie the value belonged to. This meant that certain classes of attacks that took advantage of other theoretical vulnerabilities in user facing code nothing exploitable in the core project itself had a higher chance of...
CVE-2020-15128
In OctoberCMS before version 1.0.468, encrypted cookie values were not tied to the name of the cookie the value belonged to. This meant that certain classes of attacks that took advantage of other theoretical vulnerabilities in user facing code nothing exploitable in the core project itself had a...
CVE-2020-15128
In OctoberCMS before version 1.0.468, encrypted cookie values were not tied to the name of the cookie the value belonged to. This meant that certain classes of attacks that took advantage of other theoretical vulnerabilities in user facing code nothing exploitable in the core project itself had a...
Design/Logic Flaw
In OctoberCMS before version 1.0.468, encrypted cookie values were not tied to the name of the cookie the value belonged to. This meant that certain classes of attacks that took advantage of other theoretical vulnerabilities in user facing code nothing exploitable in the core project itself had a...