335 matches found

OSV | added 2020/11/23 8:15 p.m.

CVE-2020-15247

October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.469, an authenticated backend user with the cms.managepages, cms.managelayouts, or cms.managepartials permissions who would normally not be...

CVSS 5.2 | AI score 6.2
Exploits: 0 | References: 2
OSV | added 2020/11/23 8:15 p.m.

CVE-2020-15246

October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.421 and before version 1.0.469, an attacker can read local files on an October CMS server via a specially crafted request. Issue has been patched in Build 469 v1.0.469 and...

CVSS 7.5 | AI score 7.5
Exploits: 0 | References: 2
NVD | added 2020/11/23 8:15 p.m.

CVE-2020-15249

October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.469, backend users with access to upload files were permitted to upload SVG files without any sanitization applied to the uploaded files. Since S...

CVSS 5.4 | AI score 4.2 | EPSS 0.00165
Exploits: 0 | References: 2
Prion | added 2020/11/23 8:15 p.m.

CVE-2020-15248

October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.470, backend users with the default "Publisher" system role have access to create & manage users where they can choose which role the new user ha...

CVSS 4.6 | AI score 4.6 | EPSS 0.00049
Exploits: 0 | References: 2 | Affected software: 1
Prion | added 2020/11/23 8:15 p.m.

CVE-2020-15246

October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.421 and before version 1.0.469, an attacker can read local files on an October CMS server via a specially crafted request. Issue has been patched in Build 469 v1.0.469 and...

CVSS 5 | AI score 7.4 | EPSS 0.01094
Exploits: 0 | References: 2 | Affected software: 1
Cvelist | added 2020/11/23 7:50 p.m.

CVE-2020-15249 Stored XSS by authenticated backend user with access to upload files

October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.469, backend users with access to upload files were permitted to upload SVG files without any sanitization applied to the uploaded files. Since S...

CVSS 2.8 | AI score 5.4 | EPSS 0.00165
Exploits: 0 | References: 2
CVE | added 2020/11/23 7:50 p.m.

CVE-2020-15249

CVE-2020-15249 applies to October CMS: from version 1.0.319 and before version 1.0.469, the backend file upload accepted SVG files without any sanitization, enabling stored XSS via uploaded SVG content. The root cause is the lack of SVG sanitization in the Media upload feature; the backend displays SVGs as...

CVSS 5.4 | AI score 4.5 | EPSS 0.00165
Exploits: 0 | References: 2 | Affected software: 1
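The CVE-2020-15249 entries above describe the bug class (SVG accepted by a media upload and later rendered inline by the backend) but not a check. The following is an added example, not October CMS code and not taken from any of the listed advisories: a stand-alone scanner that flags the SVG constructs that execute when an SVG is rendered inline (script elements, on* event handlers, javascript:/vbscript:/HTML data: hrefs, SMIL elements that rewrite an href, and foreignObject). The sample uploads are constructed for the demo; the element and attribute names checked are the standard SVG ones, and the list is deliberately conservative (any finding should reject the upload).

```python
"""Flag active content in SVG uploads (constructed example, not October CMS code)."""
import xml.etree.ElementTree as ET
from typing import Dict, List

# Element local names that run script or embed arbitrary HTML when the SVG is rendered inline.
ACTIVE_ELEMENTS = {"script", "foreignobject"}
# SMIL elements that can rewrite an href at runtime, e.g. <set attributeName="href" to="javascript:...">.
ANIMATION_ELEMENTS = {"set", "animate"}
# data: image URLs are common and harmless; only script schemes and HTML data URLs are flagged.
ACTIVE_SCHEMES = ("javascript:", "vbscript:", "data:text/html")


def _local(qname: str) -> str:
    """Strip the {namespace} prefix ElementTree puts on qualified names; lower-cased for comparison."""
    return qname.rsplit("}", 1)[-1].lower()


def _scheme_of(url: str) -> str:
    """Mimic browser URL cleanup (trim surrounding whitespace, drop embedded tab/CR/LF)
    so that 'java&#9;script:' is recognised as javascript:. Returns the matched scheme or ''."""
    cleaned = "".join(ch for ch in url.strip() if ch not in "\t\r\n").lower()
    for scheme in ACTIVE_SCHEMES:
        if cleaned.startswith(scheme):
            return scheme
    return ""


def find_active_content(svg_bytes: bytes) -> List[str]:
    """Return human-readable findings; an empty list means nothing suspicious was seen.
    Unparseable input is itself a finding: bytes that are not well-formed XML must not be
    stored and served as image/svg+xml."""
    findings: List[str] = []
    try:
        root = ET.fromstring(svg_bytes)
    except ET.ParseError as exc:
        return [f"unparseable XML: {exc}"]
    if _local(root.tag) != "svg":
        findings.append(f"root element is <{_local(root.tag)}>, not <svg>")
    for el in root.iter():
        name = _local(el.tag)
        if name in ACTIVE_ELEMENTS:
            findings.append(f"<{name}> element")
        if name in ANIMATION_ELEMENTS and el.get("attributeName", "").rsplit(":", 1)[-1].lower() == "href":
            findings.append(f"<{name}> animating href")
        for attr, value in el.attrib.items():
            aname = _local(attr)
            if aname.startswith("on"):
                findings.append(f"<{name} {aname}=...> event handler")
            elif aname == "href":  # covers both plain href and xlink:href
                scheme = _scheme_of(value)
                if scheme:
                    findings.append(f"<{name}> href with {scheme} URL")
    return findings


# Constructed sample uploads for the demo; none of these comes from a real incident.
SAMPLES: Dict[str, bytes] = {
    "benign": b'<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 10 10"><circle cx="5" cy="5" r="4"/></svg>',
    "script": b'<svg xmlns="http://www.w3.org/2000/svg"><script>alert(document.domain)</script></svg>',
    "onload": b'<svg xmlns="http://www.w3.org/2000/svg" onload="alert(1)"><rect width="1" height="1"/></svg>',
    "tab_in_scheme": (b'<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">'
                      b'<a xlink:href="java&#9;script:alert(1)"><text y="10">click</text></a></svg>'),
    "smil_href": (b'<svg xmlns="http://www.w3.org/2000/svg"><a><set attributeName="href" to="javascript:alert(1)"/>'
                  b'<text y="10">x</text></a></svg>'),
    "foreign_object": (b'<svg xmlns="http://www.w3.org/2000/svg"><foreignObject>'
                       b'<body xmlns="http://www.w3.org/1999/xhtml"><p>html inside svg</p></body></foreignObject></svg>'),
    "not_svg": b'<html><body>not an image</body></html>',
}


def scan_samples() -> Dict[str, List[str]]:
    """Run the check over every constructed sample and return the findings per sample."""
    return {name: find_active_content(data) for name, data in SAMPLES.items()}


if __name__ == "__main__":
    for sample_name, sample_findings in scan_samples().items():
        verdict = "ACCEPT" if not sample_findings else "REJECT"
        print(f"{sample_name:15s} {verdict}  {'; '.join(sample_findings)}")
```

The tab-in-scheme sample is the reason a plain `startswith("javascript:")` check is not enough: XML keeps the `&#9;` character reference as a literal tab, and browsers strip tabs and newlines from a URL before reading its scheme. For production use, parse with a hardened XML parser (for example defusedxml) so that entity-expansion attacks are also refused, and serve user-supplied SVGs with `Content-Disposition: attachment` or from a separate origin rather than inline in the backend.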
CVE | added 2020/11/23 7:40 p.m.

CVE-2020-15248

CVE-2020-15248 affects October CMS from version 1.0.319 and before version 1.0.470, where backend users with the default Publisher role can create and manage users and choose the new user's role, allowing them to escalate to the Developer role. Root cause: insecure authorization in the user-creation workflow allows escalation...

CVSS 4.6 | AI score 4.4 | EPSS 0.00049
Exploits: 0 | References: 2 | Affected software: 1
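The CVE-2020-15248 entries state the root cause (a user-creation flow where the actor's permission to manage users was not tied to the roles the actor could hand out) but not the fix. The following is an added example, not October CMS code and not the project's actual patch: the unchecked flow beside a guarded one that applies the usual least-privilege rule, namely that an actor may only assign roles whose permission set is a subset of its own. The role names mirror the advisory, but the permission strings and the `users.manage` gate are illustrative assumptions, not October's real permission codes.

```python
"""Role assignment guard for a backend user-creation flow (constructed example, not October CMS code)."""
from typing import Dict, FrozenSet, Set

# Hypothetical permission sets. Role names follow the advisory; the permission codes are invented
# for the demo and are not October CMS's real permission identifiers.
ROLE_PERMISSIONS: Dict[str, FrozenSet[str]] = {
    "developer": frozenset({"cms.edit_templates", "media.upload", "content.publish",
                            "users.manage", "system.settings"}),
    "publisher": frozenset({"media.upload", "content.publish", "users.manage"}),
    "author":    frozenset({"media.upload"}),
}


def create_backend_user_unchecked(actor_role: str, login: str, new_role: str) -> dict:
    """The vulnerable shape: having 'users.manage' is the only gate, so the role chooser
    accepts any role, including one strictly more privileged than the actor's own."""
    if "users.manage" not in ROLE_PERMISSIONS[actor_role]:
        raise PermissionError(f"{actor_role} may not manage users")
    return {"login": login, "role": new_role}


def assignable_roles(actor_role: str) -> Set[str]:
    """Roles the actor may hand out: only those whose permissions are a subset of the actor's own.
    An actor without 'users.manage' may assign nothing at all."""
    mine = ROLE_PERMISSIONS[actor_role]
    if "users.manage" not in mine:
        return set()
    return {role for role, perms in ROLE_PERMISSIONS.items() if perms <= mine}


def create_backend_user(actor_role: str, login: str, new_role: str) -> dict:
    """The guarded shape: the requested role must come from assignable_roles(actor)."""
    if new_role not in assignable_roles(actor_role):
        raise PermissionError(f"{actor_role} may not assign role {new_role!r}")
    return {"login": login, "role": new_role}


if __name__ == "__main__":
    # A Publisher creating a Developer succeeds in the unchecked flow and fails in the guarded one.
    print(create_backend_user_unchecked("publisher", "eve", "developer"))
    for requested in ("developer", "publisher", "author"):
        try:
            print(create_backend_user("publisher", "eve", requested))
        except PermissionError as exc:
            print("denied:", exc)
```

The same subset rule has to be applied when an existing user is edited (changing one's own role, or the role of a user with more privileges, is the same escalation through a different form), and the check belongs server-side in the handler that persists the user, not in the role dropdown.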
Cvelist | added 2020/11/23 7:40 p.m.

CVE-2020-15248 Privilege escalation by backend users assigned to the default "Publisher" system role

October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.470, backend users with the default "Publisher" system role have access to create & manage users where they can choose which role the new user ha...

CVSS 4 | AI score 4.5 | EPSS 0.00049
Exploits: 0 | References: 2
Cvelist | added 2020/11/23 7:35 p.m.

CVE-2020-15247 Twig Sandbox Escape by authenticated users with access to editing CMS templates when safemode is enabled.

October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.469, an authenticated backend user with the cms.managepages, cms.managelayouts, or cms.managepartials permissions who would normally not be...

CVSS 5.2 | AI score 5.8 | EPSS 0.00146
Exploits: 0 | References: 2
CVE | added 2020/11/23 7:25 p.m.

CVE-2020-15246

CVE-2020-15246 affects October CMS (Laravel-based). A Local File Inclusion (LFI) vulnerability allows reading local files on an October CMS server via a specially crafted request. Affected versions are 1.0.421 up to, but not including, 1.0.469. The issue has been patched in Build 469 (v1.0.469) a...

CVSS 7.5 | AI score 7.4 | EPSS 0.01094
Exploits: 0 | References: 2 | Affected software: 1
Cvelist | added 2020/11/23 7:25 p.m.

CVE-2020-15246 Local File Inclusion by unauthenticated users

October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.421 and before version 1.0.469, an attacker can read local files on an October CMS server via a specially crafted request. Issue has been patched in Build 469 v1.0.469 and...

CVSS 7.5 | AI score 7.4 | EPSS 0.01094
Exploits: 0 | References: 2
CNVD | added 2020/09/15 12:00 a.m.

ThinkAdmin Directory Traversal Vulnerability

ThinkAdmin is a backend management framework built on ThinkPHP V6 and released as open source under the MIT license. ThinkAdmin v6 has a directory traversal vulnerability: attackers can use the encode parameter of a GET request to read arbitrary files on a remote...

CVSS 7.5 | AI score 7 | EPSS 0.93767
Exploits: 5 | References: 1
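Both the October CMS local file inclusion entries (CVE-2020-15246) and the ThinkAdmin directory traversal entry above come down to a request parameter that ends up in a filesystem path. None of the entries shows the crafted request, and the example below does not try to reconstruct it; it is an added example, not code from ThinkAdmin or October CMS, of the containment check a handler needs before opening a file named by the client. It percent-decodes until stable (so double encoding cannot hide `..`), rejects NUL bytes, absolute paths and backslash separators, normalises dot segments lexically, and only then confirms the result is still under the base directory. The base directory and request values are constructed for the demo.

```python
"""Reject traversal in user-supplied file paths (constructed example, not ThinkAdmin or October CMS code)."""
import posixpath
from typing import Dict, Optional
from urllib.parse import unquote

MAX_DECODE_ROUNDS = 3


def _fully_decode(value: str) -> str:
    """Percent-decode until the value stops changing, so %252e%252e (double encoding) cannot hide '..'."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            return value
        value = decoded
    return value


def safe_join(base_dir: str, user_path: str) -> Optional[str]:
    """Return base_dir/user_path if the result stays inside base_dir, else None.

    The check is purely lexical; on a real filesystem also os.path.realpath() the result
    and re-check the prefix so that symlinks under base_dir cannot point outside it."""
    path = _fully_decode(user_path)
    if "\x00" in path:               # NUL truncation tricks in C-based runtimes
        return None
    path = path.replace("\\", "/")   # treat Windows separators as separators too
    if path.startswith("/"):         # absolute paths are never relative to base_dir
        return None
    norm = posixpath.normpath(path)  # collapses '.', '..' and repeated slashes
    if norm in (".", "..") or norm.startswith("../"):
        return None
    base = posixpath.normpath(base_dir)
    full = posixpath.normpath(posixpath.join(base, norm))
    if full != base and not full.startswith(base + "/"):
        return None
    return full


# Constructed request values covering plain, encoded, double-encoded and filter-bypass shapes.
REQUESTS: Dict[str, str] = {
    "plain": "images/logo.png",
    "dot_segments_inside": "a/../b.txt",
    "traversal": "../../../etc/passwd",
    "encoded": "..%2f..%2f..%2fetc%2fpasswd",
    "double_encoded": "%252e%252e%252f%252e%252e%252f%252e%252e%252fetc%252fpasswd",
    "backslash": "static\\..\\..\\..\\etc\\passwd",
    "absolute": "/etc/passwd",
    "nul": "x%00../../etc/passwd",
    # '....//' is what a naive filter that strips '../' turns into traversal; after
    # normalisation it is just an odd directory name, so containment keeps it inside base_dir.
    "strip_filter_bypass": "....//....//etc/passwd",
}


def demo(base_dir: str = "var/www/uploads") -> Dict[str, Optional[str]]:
    """Resolve every constructed request against base_dir; None means the request was rejected."""
    return {name: safe_join(base_dir, value) for name, value in REQUESTS.items()}


if __name__ == "__main__":
    for request_name, resolved in demo().items():
        print(f"{request_name:22s} {'REJECT' if resolved is None else resolved}")
```

Note the order of operations: decoding happens before normalisation and normalisation before the prefix check. Doing the prefix check on the raw string (or stripping `../` substrings, as the `strip_filter_bypass` case shows) is the pattern behind most traversal bugs of this kind.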
OpenVAS | added 2020/09/12 12:00 a.m.

Fedora: Security Advisory for php-symfony4 (FEDORA-2020-16eb328853)

The remote host is missing an update for the php-symfony4 package(s) announced via the FEDORA-2020-16eb328853 advisory...

CVSS 8.8 | AI score 8.8 | EPSS 0.02248
Exploits: 0 | References: 2
Fedora | added 2020/09/11 3:18 p.m.

[SECURITY] Fedora 32 Update: php-symfony4-4.4.13-1.fc32

Symfony PHP framework version 4. NOTE: Does not require PHPUnit bridge...

CVSS 8.8 | AI score 2.7 | EPSS 0.02248
Exploits: 0
CNVD | added 2020/08/02 12:00 a.m.

Code Execution Vulnerability in KiteCMS Backend

KiteCMS is an open-source web content management system built on the ThinkPHP 5.1 framework, intended to let individuals and enterprises quickly build sites and meet their development needs. It provides website templates for various industries, and the system uses a...

AI score 7.6
Exploits: 0
CNVD | added 2020/07/09 12:00 a.m.

File inclusion vulnerability in WeiPHP Ad***.cl***.php file at Shenzhen Yuanmeng Cloud Technology Co.

WeiPHP is an open-source WeChat public platform development framework that makes it easy to build an operating platform for a personal WeChat public account. The Ad.cl.php file in WeiPHP from Shenzhen Yuanmeng Yun Technology Co., Ltd contains a file inclusion vulnerability, which can be exploited by an attacker to gain...

AI score 7.1
Exploits: 0
CNVD | added 2020/06/29 12:00 a.m.

Command Execution Vulnerability in HisiPHP V2.0.11

HisiPHP is a free, open-source web framework built on ThinkPHP5 and Layui. HisiPHP V2.0.11 has a command execution vulnerability that can be exploited by an attacker to gain server privileges...

AI score 7.5
Exploits: 0
CNVD | added 2020/06/22 12:00 a.m.

TuziCMS v3.0 do***_fe*** has command execution vulnerability

TuziCMS is an enterprise website management system based on the ThinkPHP 3.2 framework. TuziCMS v3.0 dofe has a command execution vulnerability that can be exploited by an attacker to gain control of the server...

AI score 7.4
Exploits: 0
CNVD | added 2020/06/22 12:00 a.m.

TuziCMS v3.0 Ma*** Gu***.cl***.php suffers from SQL injection vulnerability

TuziCMS is an enterprise website management system based on the ThinkPHP 3.2 framework. TuziCMS v3.0 Ma Gu.cl.php suffers from a SQL injection vulnerability, which attackers can exploit to obtain sensitive information from the database...

AI score 7.6
Exploits: 0