9 matches found
Concrete CMS < 8.5.6 Multiple Vulnerabilities
Concrete CMS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:concretecms:concretecms"; if...
CVE-2021-22953
A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to clone topics which can lead to UI inconvenience, and exhaustion of disk space.Credit for discovery: "Solar Security Research Team"...
CVE-2021-22949
A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to duplicate files which can lead to UI inconvenience, and exhaustion of disk space.Credit for discovery: "Solar Security CMS Research Team"...
Cross site request forgery (csrf)
A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to clone topics which can lead to UI inconvenience, and exhaustion of disk space.Credit for discovery: "Solar Security Research Team"...
Cross site request forgery (csrf)
A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to duplicate files which can lead to UI inconvenience, and exhaustion of disk space.Credit for discovery: "Solar Security CMS Research Team"...
CVE-2021-22953
A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to clone topics which can lead to UI inconvenience, and exhaustion of disk space.Credit for discovery: "Solar Security Research Team"...
CVE-2021-22953
Concrete CMS CVE-2021-22953 is a CSRF flaw affecting version 8.5.5 and earlier. The vulnerability allows an attacker to clone topics, causing UI inconvenience and potential disk-space exhaustion. Affected product/version: Concrete CMS 8.5.5 and below. Root cause: cross-site request forgery in top...
CVE-2021-22949
A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to duplicate files which can lead to UI inconvenience, and exhaustion of disk space.Credit for discovery: "Solar Security CMS Research Team"...
CVE-2021-22949
CVE-2021-22949 is a CSRF in Concrete CMS versions 8.5.5 and earlier that allows an attacker to duplicate files, causing UI issues and potential disk-space exhaustion. The root cause is cross-site request forgery affecting file-duplication functionality; no exploit details are provided beyond this...