CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

CVE-2026-8433

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery CSRF at concrete/controllers/backend/file rescan. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks Yonatan...

8.8CVSS5.5AI score0.00019EPSS

Exploits0References1

EUVD•added 2026/05/22 12:31 a.m.•8 views

EUVD-2026-31365

2.3CVSS5.8AI score0.00019EPSS

Exploits0References2

NVD•added 2026/05/21 10:16 p.m.•8 views

CVE-2026-8434

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery CSRF at concrete/controllers/backend/file rescanMultiple. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N...

8.8CVSS0.00019EPSS

Exploits0References1

NVD•added 2026/05/21 10:16 p.m.•7 views

CVE-2026-8433

8.8CVSS0.00019EPSS

Exploits0References1

Cvelist•added 2026/05/21 9:25 p.m.•30 views

CVE-2026-8433 Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescan()

2.3CVSS0.00019EPSS

Exploits0References1

Vulnrichment•added 2026/05/21 9:25 p.m.•3 views

CVE-2026-8433 Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescan()

2.3CVSS5.8AI score0.00019EPSS

Exploits0References1

ATTACKERKB•added 2026/05/21 9:23 p.m.•6 views

CVE-2026-8434

2.3CVSS5.8AI score0.00019EPSS

Exploits0References2Affected Software1

Cvelist•added 2026/05/21 9:23 p.m.•30 views

CVE-2026-8434 Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescanMultiple()

2.3CVSS0.00019EPSS

Exploits0References1

CNNVD•added 2026/05/21 12:0 a.m.•8 views

Concrete CMS 跨站请求伪造漏洞

Concrete CMS is an open-source content management system developed by Concrete CMS. Versions of Concrete CMS prior to 9.5.0 had a cross-site request forgeing vulnerability. This vulnerability stemmed from the concrete/controllers/backend/file rescan function, which was vulnerable to cross-site...

8.8CVSS5.7AI score0.00019EPSS

Exploits0References1

Positive Technologies•added 2026/05/21 12:0 a.m.•5 views

PT-2026-42575

Name of the Vulnerable Software and Affected Versions Concrete CMS versions 9.0.0 through 9.4.x Description Cross Site Request Forgery CSRF occurs at the 'concrete/controllers/backend/file' endpoint within the rescan function. CSRF is a type of attack that tricks a victim into submitting a...

2.3CVSS5.8AI score0.00019EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by