Bolt@* Security Vulnerabilities and Issues — Bolt@* CVE List

Lucene search

BoltcmsBolt*

4 matches found

CVE•added 2019/08/23 1:15 p.m.•164 views

CVE-2019-15485

Bolt before 3.6.10 has XSS via createFolder or createFile in Controller/Async/FilesystemManager.php.

6.1CVSS6AI score0.00305EPSS

CVE•added 2019/08/23 1:15 p.m.•147 views

CVE-2019-15484

Bolt before 3.6.10 has XSS via an image's alt or title field.

6.1CVSS6AI score0.00305EPSS

CVE•added 2019/03/07 11:29 p.m.•144 views

CVE-2019-9185

Controller/Async/FilesystemManager.php in the filemanager in Bolt before 3.6.5 allows remote attackers to execute arbitrary PHP code by renaming a previously uploaded file to have a .php extension.

8.8CVSS8.9AI score0.01097EPSS

CVE•added 2019/08/23 1:15 p.m.•140 views

CVE-2019-15483

Bolt before 3.6.10 has XSS via a title that is mishandled in the system log.

6.1CVSS5.9AI score0.00223EPSS