3 matches found
PortlandLabs Concrete CMS Cross-Site Scripting Vulnerability (CNVD-2022-54305)
PortlandLabs Concrete CMS is a team-oriented open source content management system from PortlandLabs, Inc. A cross-site scripting vulnerability exists in PortlandLabs Concrete CMS, which originates in /dashboard/blocks/stacks/view details. The vulnerability stems from the lack of data validation...
PortlandLabs Concrete CMS Path Traversal Vulnerability (CNVD-2021-76092)
PortlandLabs Concrete Cms is a team-oriented open source content management system from PortlandLabs, Inc. PortlandLabs Concrete CMS 8.5.5 and earlier has a security vulnerability that could be exploited by an attacker to cause path traversal in RCE via an external form by adding regular...
PortlandLabs Concrete5 code issue vulnerability
PortlandLabs Concrete5 is an open source content management system CMS from PortlandLabs, Inc. PortlandLabs Concrete5 version 8.5.2 and prior versions are vulnerable to a code issue that could be exploited by attackers to upload dangerous files and execute arbitrary commands...