Lucene search
K

6 matches found

ATTACKERKB
ATTACKERKB
added 2023/04/28 2:15 p.m.2 views

CVE-2023-28473

Concrete CMS previously concrete5 versions 8.5.12 and below, and 9.0 through 9.1.3 is vulnerable to possible Auth bypass in the jobs section...

3.3CVSS5.9AI score0.00755EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2023/04/28 2:15 p.m.5 views

CVE-2023-28472

Concrete CMS previously concrete5 versions 8.5.12 and below, and 9.0 through 9.1.3 does not have Secure and HTTP only attributes set for ccmPoll cookies...

5.3CVSS5.9AI score0.00591EPSS
Exploits0References4
Prion
Prion
added 2023/04/28 2:15 p.m.15 views

Design/Logic Flaw

Concrete CMS previously concrete5 in versions 9.0 through 9.1.3 is vulnerable to Stored XSS on Tags on uploaded files...

4.9CVSS5.1AI score0.00544EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/04/28 12:0 a.m.8 views

PT-2023-21743 · Unknown · Concrete Cms

Name of the Vulnerable Software and Affected Versions: Concrete CMS previously concrete5 versions 8.5.12 and below Concrete CMS previously concrete5 versions 9.0 through 9.1.3 Description: The issue concerns a possible Auth bypass in the jobs section of Concrete CMS. Recommendations: For versions...

9.8CVSS3.8AI score0.00755EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2023/04/28 12:0 a.m.5 views

PT-2023-21742 · Unknown · Concrete Cms

Name of the Vulnerable Software and Affected Versions: Concrete CMS previously concrete5 versions 8.5.12 and below Concrete CMS previously concrete5 versions 9.0 through 9.1.3 Description: The issue is related to the ccmPoll cookies in Concrete CMS, where the Secure and HTTP only attributes are n...

5.3CVSS5AI score0.00591EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2023/04/28 12:0 a.m.10 views

PT-2023-21741 · Unknown · Concrete Cms

Name of the Vulnerable Software and Affected Versions: Concrete CMS previously concrete5 versions 9.0 through 9.1.3 Concrete CMS previously concrete5 versions prior to 9.2 Description: The issue is related to Stored XSS via a container name. There is no information provided about the estimated...

5.4CVSS5.6AI score0.00544EPSS
Exploits0References12
Rows per page
Query Builder