Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:45 p.m.14 views

CVE-2021-32649

October CMS is a self-hosted content management system CMS platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with "create, modify and delete website pages" privileges in the backend is able to execute PHP code by running specially crafted Twig code in t...

8.8CVSS7.1AI score0.01336EPSS
Exploits0
Circl
Circl
added 2022/01/14 6:23 p.m.8 views

CVE-2021-32649

creationtimestamp| type| source ---|---|--- 2022-01-14 18:23:15+00:00| seen| https://t.me/cibsecurity/35505...

8.8CVSS8.1AI score0.01336EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/01/14 3:5 p.m.42 views

CVE-2021-32649 Authenticated file write leads to remote code execution in october/system

October CMS is a self-hosted content management system CMS platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with "create, modify and delete website pages" privileges in the backend is able to execute PHP code by running specially crafted Twig code in t...

8.8CVSS9AI score0.01336EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/01/14 3:5 p.m.7 views

CVE-2021-32649 Authenticated file write leads to remote code execution in october/system

October CMS is a self-hosted content management system CMS platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with "create, modify and delete website pages" privileges in the backend is able to execute PHP code by running specially crafted Twig code in t...

8.8CVSS7.5AI score0.01336EPSS
Exploits0References2
CVE
CVE
added 2022/01/14 3:5 p.m.89 views

CVE-2021-32649

CVE-2021-32649 affects October CMS (Laravel-based). Before versions 1.0.473 and 1.1.6 , an attacker with backend privileges to create, modify and delete website pages can trigger PHP code execution by embedding specially crafted Twig code in the template markup. The issue is remedied in Build 473...

8.8CVSS8.8AI score0.01336EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder