Lucene search

K

60 matches found

CVE
CVE
added 2021/01/08 3:15 p.m.93 views

CVE-2021-3111

The Express Entries Dashboard in Concrete5 8.5.4 allows stored XSS via the name field of a new data object at an index.php/dashboard/express/entries/view/ URI.

4.8CVSS5AI score0.00606EPSS
Web
CVE
CVE
added 2020/07/28 9:15 p.m.87 views

CVE-2020-11476

Concrete5 before 8.5.3 allows Unrestricted Upload of File with Dangerous Type such as a .phar file.

9CVSS6.8AI score0.0102EPSS
CVE
CVE
added 2022/06/24 3:15 p.m.87 views

CVE-2022-21829

Concrete CMS Versions 9.0.0 through 9.0.2 and 8.5.7 and below can download zip files over HTTP and execute code from those zip files which could lead to an RCE. Fixed by enforcing ‘concrete_secure’ instead of ‘concrete’. Concrete now only makes requests over https even a request comes in via http. ...

9.8CVSS9.5AI score0.00884EPSS
CVE
CVE
added 2022/06/24 3:15 p.m.87 views

CVE-2022-30117

Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 allow traversal in /index.php/ccm/system/file/upload which could result in an Arbitrary File Delete exploit. This was remediated by sanitizing /index.php/ccm/system/file/upload to ensure Concrete doesn’t allow traversal and by changing ...

9.1CVSS9.2AI score0.01582EPSS
CVE
CVE
added 2022/02/09 11:15 p.m.84 views

CVE-2021-22954

A cross-site request forgery vulnerability exists in Concrete CMS

8.8CVSS8.5AI score0.00149EPSS
CVE
CVE
added 2021/07/30 2:15 p.m.82 views

CVE-2021-36766

Concrete5 through 8.5.5 deserializes Untrusted Data. The vulnerable code is located within the controllers/single_page/dashboard/system/environment/logging.php Logging::update_logging() method. User input passed through the logFile request parameter is not properly sanitized before being used in a ...

7.2CVSS7.1AI score0.01543EPSS
Web
CVE
CVE
added 2022/11/14 10:15 p.m.78 views

CVE-2022-43686

In Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2, the authTypeConcreteCookieMap table can be filled up causing a denial of service (high load).

6.5CVSS6.3AI score0.00271EPSS
CVE
CVE
added 2021/10/07 2:15 p.m.75 views

CVE-2021-22958

A Server-Side Request Forgery vulnerability was found in concrete5

9.8CVSS8.8AI score0.00396EPSS
CVE
CVE
added 2020/06/22 12:15 a.m.73 views

CVE-2020-14961

Concrete5 before 8.5.3 does not constrain the sort direction to a valid asc or desc value.

5.3CVSS5.4AI score0.00344EPSS
CVE
CVE
added 2021/11/19 7:15 p.m.73 views

CVE-2021-22951

Unauthorized individuals could view password protected files using view_inline in Concrete CMS (previously concrete 5) prior to version 8.5.7. Concrete CMS now checks to see if a file has a password in view_inline and, if it does, the file is not rendered.For version 8.5.6, the following mitigation...

7.5CVSS7.6AI score0.00314EPSS
CVE
CVE
added 2021/11/19 7:15 p.m.73 views

CVE-2021-22968

A bypass of adding remote files in Concrete CMS (previously concrete5) File Manager leads to remote code execution in Concrete CMS (concrete5) versions 8.5.6 and below.The external file upload feature stages files in the public directory even if they have disallowed file extensions. They are stored...

7.2CVSS7.5AI score0.02666EPSS
CVE
CVE
added 2022/12/05 10:15 p.m.73 views

CVE-2022-43556

Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to XSS in the text input field since the result dashboard page output is not sanitized. The Concrete CMS security team has ranked this 4.2 with CVSS v3.1 vector AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N Thanks @akbar...

6.1CVSS6AI score0.01953EPSS
CVE
CVE
added 2022/11/14 11:15 p.m.73 views

CVE-2022-43689

Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to XXE based DNS requests leading to IP disclosure.

5.3CVSS5.1AI score0.00281EPSS
CVE
CVE
added 2022/11/14 11:15 p.m.71 views

CVE-2022-43690

Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 did not use strict comparison for the legacy_salt so that limited authentication bypass could occur if using this functionality. Remediate by updating to Concrete CMS 9.1.3+ or 8.5.10+.

6.3CVSS6.4AI score0.00184EPSS
CVE
CVE
added 2022/06/24 3:15 p.m.70 views

CVE-2022-30119

XSS in /dashboard/reports/logs/view - old browsers only. When using Internet Explorer with the XSS protection disabled, insufficient sanitation where built urls are outputted can be exploited for Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2. This cannot be exploited in modern-day ...

6.1CVSS6AI score0.00987EPSS
CVE
CVE
added 2022/11/14 11:15 p.m.70 views

CVE-2022-43687

Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 does not issue a new session ID upon successful OAuth authentication. Remediate by updating to Concrete CMS 9.1.3+ or 8.5.10+.

5.4CVSS5.4AI score0.00376EPSS
CVE
CVE
added 2022/11/14 5:15 p.m.68 views

CVE-2022-43693

Concrete CMS is vulnerable to CSRF due to the lack of "State" parameter for external Concrete authentication service for users of Concrete who use the "out of the box" core OAuth.

8.8CVSS8.8AI score0.00864EPSS
CVE
CVE
added 2022/11/14 10:15 p.m.67 views

CVE-2022-43967

Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS in the multilingual report due to un-sanitized output. Remediate by updating to Concrete CMS 9.1.3+ or 8.5.10+.

6.1CVSS5.9AI score0.00567EPSS
CVE
CVE
added 2024/04/03 8:15 p.m.66 views

CVE-2024-3181

Concrete CMS version 9 prior to 9.2.8 and previous versions prior to 8.5.16 are vulnerable to Stored XSS in the Search Field. Prior to the fix, stored XSS could be executed by an administrator changing a filter to which a rogue administrator had previously added malicious code. The Concrete CMS sec...

4.8CVSS3.4AI score0.00104EPSS
CVE
CVE
added 2022/11/14 11:15 p.m.65 views

CVE-2022-43691

Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 inadvertently disclose server-side sensitive information (secrets in environment variables and server information) when Debug Mode is left on in production.

5.3CVSS5.1AI score0.00172EPSS
CVE
CVE
added 2022/11/14 7:15 p.m.64 views

CVE-2022-43694

Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS in the image manipulation library due to un-sanitized output.

6.1CVSS5.9AI score0.00769EPSS
CVE
CVE
added 2022/06/24 3:15 p.m.63 views

CVE-2022-30120

XSS in /dashboard/blocks/stacks/view_details/ - old browsers only. When using an older browser with built-in XSS protection disabled, insufficient sanitation where built urls are outputted can be exploited for Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 to allow XSS. This cannot ...

6.1CVSS6AI score0.0207EPSS
CVE
CVE
added 2022/11/14 11:15 p.m.63 views

CVE-2022-43688

Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Stored Cross-Site Scripting (XSS) in icons since the Microsoft application tile color is not sanitized. Remediate by updating to Concrete CMS 9.1.3+ or 8.5.10+.

4.8CVSS4.7AI score0.00244EPSS
CVE
CVE
added 2022/11/14 10:15 p.m.61 views

CVE-2022-43968

Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS in the dashboard icons due to un-sanitized output. Remediate by updating to Concrete CMS 9.1.3+ or 8.5.10+.

6.1CVSS5.9AI score0.00567EPSS
CVE
CVE
added 2022/11/14 7:15 p.m.59 views

CVE-2022-43692

Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS - user can cause an administrator to trigger reflected XSS with a url if the targeted administrator is using an old browser that lacks XSS protection. Remediate by updating to Concrete CMS 9.1....

6.1CVSS5.9AI score0.00567EPSS
CVE
CVE
added 2018/02/26 5:29 p.m.58 views

CVE-2017-18195

An issue was discovered in tools/conversations/view_ajax.php in Concrete5 before 8.3.0. An unauthenticated user can enumerate comments from all blog posts by POSTing requests to /index.php/tools/required/conversations/view_ajax with incremental 'cnvID' integers.

5.3CVSS5.1AI score0.03667EPSS
Web
CVE
CVE
added 2021/09/27 1:15 p.m.58 views

CVE-2021-40108

An issue was discovered in Concrete CMS through 8.5.5. The Calendar is vulnerable to CSRF. ccm_token is not verified on the ccm/calendar/dialogs/event/add/save endpoint.

8.8CVSS8.6AI score0.00125EPSS
Web
CVE
CVE
added 2024/04/03 7:15 p.m.58 views

CVE-2024-2753

Concrete CMS version 9 before 9.2.8 and previous versions prior to 8.5.16 is vulnerable to Stored XSS on the calendar color settings screen since Information input by the user is output without escaping. A rogue administrator could inject malicious javascript into the Calendar Color Settings screen...

4.8CVSS3.2AI score0.00247EPSS
CVE
CVE
added 2021/11/19 7:15 p.m.55 views

CVE-2021-22969

Concrete CMS (formerly concrete5) versions below 8.5.7 has a SSRF mitigation bypass using DNS Rebind attack giving an attacker the ability to fetch cloud IAAS (ex AWS) IAM keys.To fix this Concrete CMS no longer allows downloads from the local network and specifies the validated IP when downloading...

5.3CVSS5.5AI score0.00268EPSS
CVE
CVE
added 2023/11/17 4:15 a.m.53 views

CVE-2023-48648

Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows unauthorized access because directories can be created with insecure permissions. File creation functions (such as the Mkdir() function) gives universal access (0777) to created folders by default. Excessive permissions can be granted when crea...

9.8CVSS9.3AI score0.00729EPSS
CVE
CVE
added 2021/11/19 7:15 p.m.52 views

CVE-2021-22966

Privilege escalation from Editor to Admin using Groups in Concrete CMS versions 8.5.6 and below. If a group is granted "view" permissions on the bulkupdate page, then users in that group can escalate to being an administrator with a specially crafted curl. Fixed by adding a check for group permissi...

8.8CVSS8.8AI score0.00267EPSS
CVE
CVE
added 2022/06/24 3:15 p.m.51 views

CVE-2022-30118

Title for CVE: XSS in /dashboard/system/express/entities/forms/save_control/[GUID]: old browsers only.Description: When using Internet Explorer with the XSS protection disabled, editing a form control in an express entities form for Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 can...

6.1CVSS6AI score0.00987EPSS
CVE
CVE
added 2024/04/03 7:15 p.m.51 views

CVE-2024-3178

Concrete CMS versions 9 below 9.2.8 and versions below 8.5.16 are vulnerable to Cross-site Scripting (XSS) in the Advanced File Search Filter. Prior to the fix, a rogue administrator could add malicious code in the file manager because of insufficient validation of administrator provided data. All ...

4.8CVSS3.5AI score0.00104EPSS
CVE
CVE
added 2021/03/18 4:15 p.m.50 views

CVE-2021-28145

Concrete CMS (formerly concrete5) before 8.5.5 allows remote authenticated users to conduct XSS attacks via a crafted survey block. This requires at least Editor privileges.

5.4CVSS5.5AI score0.00197EPSS
CVE
CVE
added 2022/11/14 11:15 p.m.50 views

CVE-2022-43695

Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Stored Cross-Site Scripting (XSS) in dashboard/system/express/entities/associations because Concrete CMS allows association with an entity name that doesn’t exist or, if it does exist, contains XSS since it ...

4.8CVSS4.7AI score0.00555EPSS
Web
CVE
CVE
added 2021/11/19 7:15 p.m.48 views

CVE-2021-22967

In Concrete CMS (formerly concrete 5) below 8.5.7, IDOR Allows Unauthenticated User to Access Restricted Files If Allowed to Add Message to a Conversation.To remediate this, a check was added to verify a user has permissions to view files before attaching the files to a message in "add / edit messa...

7.5CVSS7.4AI score0.00747EPSS
CVE
CVE
added 2024/04/03 7:15 p.m.46 views

CVE-2024-3179

Concrete CMS version 9 before 9.2.8 and previous versions before 8.5.16 are vulnerable to Stored XSS in the Custom Class page editing. Prior to the fix, a rogue administrator could insert malicious code in the custom class field due to insufficient validation of administrator provided data. The Con...

4.8CVSS3.6AI score0.00104EPSS
CVE
CVE
added 2025/04/03 2:15 a.m.46 views

CVE-2025-3153

Concrete CMS version 9 below 9.4.0RC2 and versions below 8.5.20 are vulnerable to CSRF and XSS in the Concrete CMS Address attribute because addresses are not properly sanitized in the output when a country is not specified. Attackers are limited to individuals whom a site administrator has granted...

6.5CVSS6.1AI score0.0002EPSS
CVE
CVE
added 2024/08/08 5:15 p.m.45 views

CVE-2024-7394

Concrete CMS versions 9 through 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in getAttributeSetName(). A rogue administrator could inject malicious code. The Concrete CMS team gave this a CVSS v4.0 rank of 4.6 with vector https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:H/AT:N/PR:H...

4.8CVSS4.8AI score0.02175EPSS
CVE
CVE
added 2024/08/12 1:38 p.m.44 views

CVE-2024-4350

Concrete CMS versions 9.0.0 to 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in RSS Displayer when user input is stored and later embedded into responses. A rogue administrator could inject malicious code into fields due to insufficient input validation. The Concrete CMS security team gave th...

5.1CVSS5AI score0.00561EPSS
CVE
CVE
added 2023/11/17 4:15 a.m.42 views

CVE-2023-48649

Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows stored XSS on the Admin page via an uploaded file name.

5.4CVSS5.2AI score0.01256EPSS
CVE
CVE
added 2023/04/28 2:15 p.m.39 views

CVE-2023-28471

Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is vulnerable to Stored XSS via a container name.

5.4CVSS5AI score0.00983EPSS
CVE
CVE
added 2023/04/28 2:15 p.m.39 views

CVE-2023-28477

Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0 through 9.1.3 is vulnerable to stored XSS on API Integrations via the name parameter.

5.5CVSS5.1AI score0.00703EPSS
CVE
CVE
added 2024/04/03 7:15 p.m.39 views

CVE-2024-3180

Concrete CMS version 9 below 9.2.8 and previous versions below 8.5.16 is vulnerable to Stored XSS in blocks of type file. Stored XSS could be caused by a rogue administrator adding malicious code to the link-text field when creating a block of type file. The Concrete CMS security team gave this vul...

4.8CVSS3.7AI score0.00104EPSS
CVE
CVE
added 2024/09/16 6:15 p.m.37 views

CVE-2024-8661

Concrete CMS versions 9.0.0 to 9.3.3 and below 8.5.19 are vulnerable to Stored XSS in the "Next&Previous Nav" block. A rogue administrator could add a malicious payload by executing it in the browsers of targeted users. The Concrete CMS Security Team gave this vulnerability a CVSS v4 score of 4.6 w...

4.8CVSS5.5AI score0.00173EPSS
CVE
CVE
added 2024/09/25 1:15 a.m.36 views

CVE-2024-7398

Concrete CMS versions 9 through 9.3.3 and versions below 8.5.19 are vulnerable to stored XSS in the calendar event addition feature because the calendar event name was not sanitized on output. Users or groups with permission to create event calendars can embed scripts, and users or groups with perm...

5.4CVSS5.3AI score0.00048EPSS
CVE
CVE
added 2021/09/23 1:15 p.m.35 views

CVE-2021-22950

Concrete CMS prior to 8.5.6 had a CSFR vulnerability allowing attachments to comments in the conversation section to be deleted.Credit for discovery: "Solar Security Research Team"

6.5CVSS7AI score0.00104EPSS
CVE
CVE
added 2021/09/27 1:15 p.m.35 views

CVE-2021-40109

A SSRF issue was discovered in Concrete CMS through 8.5.5. Users can access forbidden files on their local network. A user with permissions to upload files from external sites can upload a URL that redirects to an internal resource of any file type. The redirect is followed and loads the contents o...

6.4CVSS6.4AI score0.00099EPSS
CVE
CVE
added 2023/04/28 2:15 p.m.35 views

CVE-2023-28472

Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0 through 9.1.3 does not have Secure and HTTP only attributes set for ccmPoll cookies.

5.3CVSS5.3AI score0.00256EPSS
CVE
CVE
added 2023/04/28 2:15 p.m.35 views

CVE-2023-28821

Concrete CMS (previously concrete5) before 9.1 did not have a rate limit for password resets.

5.3CVSS5.3AI score0.00157EPSS
Total number of security vulnerabilities60