8 matches found
CVE-2020-28925
Bolt CMS prior to 3.7.2 does not restrict filter options in a Request when rendered in Twig context, per CVE-2020-28925. Root cause: unrestricted filter parameters in Twig requests. Impact stated in sources is primarily that this is inconsistent with securing PHP guidance; no exploitation details...
CVE-2021-27367
Bolt CMS prior to version 4.1.13 contains a directory traversal vulnerability in Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php (CVE-2021-27367). The issue allows an attacker to traverse directories, potentially exposing sensitive files. The connected R...
CVE-2019-15485
CVE-2019-15485: Bolt before 3.6.10 is vulnerable to cross-site scripting via createFolder or createFile in Controller/Async/FilesystemManager.php. The issue affects Bolt CMS versions prior to 3.6.10 and is exploitable through crafted input in file/folder creation paths, as documented in multiple ...
CVE-2020-4040
Bolt CMS before version 3.7.1 lacked CSRF protection in the preview generating endpoint. Unauthorized users could generate previews intended for admins, editors, or similar roles. This was fixed in Bolt 3.7.1; affected versions are prior to that release.
CVE-2020-4041
CVE-2020-4041 (Bolt CMS) affects Bolt CMS versions before 3.7.1. The vulnerability concerns the filename of uploaded files, which is stored in a way that allows stored XSS after the file is created/uploaded. Although initial file names cannot inject JavaScript, renaming the file post-upload can i...
CVE-2019-9185
Bolt CMS prior to 3.6.5 is affected by a vulnerability in the filemanager’s Controller/Async/FilesystemManager.php that allows remote code execution by renaming a previously uploaded file to have a .php extension. Public references indicate the fix was released in Bolt 3.6.5 (see Bolt v3.6.5 rele...
CVE-2019-15484
CVE-2019-15484 affects Bolt before 3.6.10 with an XSS via an image’s alt or title field. The root cause is tied to unsanitized image metadata in Bolt’s handling/rendering path. The connected documents note a fix in Bolt 3.6.10 (release/tag 3.6.10). Exploitation details are not provided in the sup...
CVE-2019-15483
CVE-2019-15483 affects Bolt CMS (Bolt) prior to version 3.6.10. The vulnerability is a cross-site scripting (XSS) flaw caused by mishandling a title in the system log, enabling an attacker to inject and execute client-side code under certain log-processing conditions. The issue is addressed in Bo...