Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:42 p.m.7 views

CVE-2020-5295

In OctoberCMS october/october composer package versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to read local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the cms.manageassets permission. Issue has...

4.9CVSS6.3AI score0.07371EPSS
Exploits4References1
Circl
Circl
added 2024/11/14 6:7 a.m.10 views

CVE-2020-5295

creationtimestamp| type| source ---|---|--- 2024-11-14 06:07:13+00:00| seen| MISP/7be53586-c369-4f40-9955-821d8b372d1e...

4.9CVSS5.4AI score0.07371EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/11/13 12:0 a.m.654 views

October CMS Build 465 - Arbitrary File Read Exploit (Authenticated)

Exploit Title: October CMS Build 465 - Arbitrary File Read Exploit Authenticated Date: 2020-03-31 Exploit Author: Sivanesh Ashok Vendor Homepage: https://octobercms.com/ Version: Build 465 and below Tested on: Windows 10 / XAMPP / October CMS Build 465 CVE: CVE-2020-5295 echo ''' Authenticated...

4.9CVSS5.1AI score0.07371EPSS
Exploits4
Cvelist
Cvelist
added 2020/06/03 9:50 p.m.40 views

CVE-2020-5295 Local File read vulnerability in OctoberCMS

In OctoberCMS october/october composer package versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to read local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the cms.manageassets permission. Issue has...

4.8CVSS4.8AI score0.07371EPSS
Exploits4References4
CVE
CVE
added 2020/06/03 9:50 p.m.123 views

CVE-2020-5295

CVE-2020-5295 affects October CMS (october/october composer package) versions 1.0.319–1.0.465. An authenticated backend user with cms.manage_assets permission can read local files on the server. The issue has been fixed in Build 466 (v1.0.466).

4.9CVSS4.7AI score0.07371EPSS
Exploits4References4Affected Software1
Rows per page
Query Builder