Lucene search
K

7 matches found

Veracode
Veracode
added 2024/05/30 8:0 a.m.7 views

SQL Injection

silverstripe/subsites is vulnerable to SQL Injection. The vulnerability is due to insufficient input validation and sanitization in the silverstripe/subsites module, which allows attacker can inject malicious SQL queries...

7.6AI score
Exploits0
Github Security Blog
Github Security Blog
added 2024/05/28 6:23 p.m.6 views

silverstripe/subsites Unsafe SQL Query Construction (Safe Data Source)

There is a low level potential SQL injection vulnerability in the silverstripe/subsites module has been identified and fixed in version 2.1.1...

8.2AI score
Exploits0References4Affected Software1
OSV
OSV
added 2024/05/28 6:23 p.m.7 views

GHSA-XC69-P8FC-M6M5 silverstripe/subsites Unsafe SQL Query Construction (Safe Data Source)

There is a low level potential SQL injection vulnerability in the silverstripe/subsites module has been identified and fixed in version 2.1.1...

8.8CVSS8.2AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/05/28 12:0 a.m.3 views

PT-2024-40525 · Silverstripe · Silverstripe/Subsites

Name of the Vulnerable Software and Affected Versions: silverstripe/subsites versions prior to 2.1.1 Description: A potential SQL injection issue has been identified in the silverstripe/subsites module. The issue has been fixed in version 2.1.1. Recommendations: For versions prior to 2.1.1, updat...

8.8CVSS8.3AI score
Exploits0References5
Veracode
Veracode
added 2022/12/20 8:46 a.m.17 views

Privilege Escalation

silverstripe/subsites is vulnerable to privilege escalation. The vulnerability exists in FileSubsites.php due to the lack of validation in file edit privileges, which allows an attacker to modify sensitive files inside the system...

7.5CVSS7.2AI score0.00524EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/20 12:0 a.m.3 views

CVE-2022-42949

Silverstripe silverstripe/subsites through 2.6.0 has Insecure Permissions...

7.6AI score0.00524EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/12/19 12:0 a.m.6 views

PT-2022-26676 · Silverstripe · Silverstripe/Subsites

Name of the Vulnerable Software and Affected Versions: Silverstripe silverstripe/subsites versions through 2.6.0 Description: The subsites module can weaken edit restrictions on some files, allowing a malicious user to edit files they do not have edit rights to. This issue only affects projects...

7.5CVSS7.3AI score0.00524EPSS
Exploits0References10
Rows per page
Query Builder