Lucene search

Expressionengine Security Vulnerabilities

cve

CVE-2008-0201

Cross-site scripting (XSS) vulnerability in index.php in ExpressionEngine 1.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL parameter.

5.7AI Score

0.004EPSS

2008-01-10 12:46 AM

cve

CVE-2008-0202

CRLF injection vulnerability in index.php in ExpressionEngine 1.2.1 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the URL parameter.

7AI Score

0.005EPSS

2008-01-10 12:46 AM

cve

CVE-2009-1070

Cross-site scripting (XSS) vulnerability in system/index.php in ExpressionEngine 1.6.4 through 1.6.6, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the avatar parameter.

6AI Score

0.007EPSS

2009-03-26 05:51 AM

cve

CVE-2014-5387

Multiple SQL injection vulnerabilities in EllisLab ExpressionEngine before 2.9.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) column_filter or (2) category[] parameter to system/index.php or the (3) tbl_sort[0][] parameter in the comment module to system/index.php.

8.3AI Score

0.004EPSS

2014-11-04 03:55 PM

cve

CVE-2017-0897

ExpressionEngine version 2.x < 2.11.8 and version 3.x < 3.5.5 create an object signing token with weak entropy. Successfully guessing the token can lead to remote code execution.

7.5CVSS

7.8AI Score

0.024EPSS

2017-06-22 09:29 PM

cve

CVE-2017-1000160

EllisLab ExpressionEngine 3.4.2 is vulnerable to cross-site scripting resulting in PHP code injection

5.4CVSS

5.5AI Score

0.001EPSS

2017-11-17 05:29 AM

cve

CVE-2018-17874

ExpressionEngine before 4.3.5 has reflected XSS.

6.1CVSS

6.3AI Score

0.001EPSS

2018-10-01 11:29 PM

cve

CVE-2020-13443

ExpressionEngine before 5.3.2 allows remote attackers to upload and execute arbitrary code in a .php%20 file via Compose Msg, Add attachment, and Save As Draft actions. A user with low privileges (member) is able to upload this. It is possible to bypass the MIME type check and file-extension check ...

8.8CVSS

9AI Score

0.005EPSS

2020-06-24 03:15 PM

cve

CVE-2020-8242

Unsanitized user input in ExpressionEngine <= 5.4.0 control panel member creation leads to an SQL injection. The user needs member creation/admin control panel access to execute the attack.

7.2CVSS

7.5AI Score

0.001EPSS

2022-02-18 06:15 PM

cve

CVE-2021-27230

ExpressionEngine before 5.4.2 and 6.x before 6.0.3 allows PHP Code Injection by certain authenticated users who can leverage Translate::save() to write to an _lang.php file under the system/user/language directory.

8.8CVSS

8.8AI Score

0.145EPSS

2021-03-15 11:15 PM

cve

CVE-2021-33199

In Expression Engine before 6.0.3, addonIcon in Addons/file/mod.file.php relies on the untrusted input value of input->get('file') instead of the fixed file names of icon.png and icon.svg.

9.8CVSS

9.4AI Score

0.002EPSS

2021-08-12 09:15 PM

cve

CVE-2021-44534

Insufficient user input filtering leads to arbitrary file read by non-authenticated attacker, which results in sensitive information disclosure.

6.5CVSS

6.7AI Score

0.0004EPSS

2024-05-31 06:15 PM

cve

CVE-2023-22953

In ExpressionEngine before 7.2.6, remote code execution can be achieved by an authenticated Control Panel user.

8.8CVSS

8.9AI Score

0.008EPSS

2023-02-09 03:15 PM

cve

CVE-2024-38454

ExpressionEngine before 7.4.11 allows XSS.

6.1CVSS

7AI Score

0.0005EPSS

2024-06-16 03:15 PM