6 matches found
EUVD-2020-0474
Malware in sbrugna...
October CMS Cross-Site Scripting Vulnerability (CNVD-2020-43155)
October CMS is an open source content management system CMS based on PHP and Laravel web application framework. A cross-site scripting vulnerability exists in October CMS versions prior to 1.0.319 and prior to 1.0.466. The vulnerability stems from a lack of proper validation of client-side data b...
CVE-2020-11083
In October from version 1.0.319 and before version 1.0.466, a user with access to a markdown FormWidget that stores data persistently could create a stored XSS attack against themselves and any other users with access to the generated HTML from the field. This has been fixed in 1.0.466. For users...
October CMS Arbitrary File Read Vulnerability (CNVD-2020-38885)
October CMS is an open source content management system CMS based on PHP and Laravel web application framework. A security vulnerability exists in October CMS composer versions 1.0.319 and later fixed in version 1.0.466. An attacker could exploit the vulnerability to read local files on the Octob...
October CMS Arbitrary File Read Vulnerability
October CMS is an open source content management system CMS based on PHP and Laravel web application framework. A security vulnerability exists in October CMS composer versions 1.0.319 and later fixed in version 1.0.466. An attacker could exploit the vulnerability to delete arbitrary local files...
October CMS Directory Traversal Vulnerability
October CMS is an open source content management system CMS based on PHP and Laravel web application framework. A security vulnerability exists in October CMS composer versions 1.0.319 and later fixed in version 1.0.466. An attacker can exploit the vulnerability to upload files to any directory o...