Contao@* Security Vulnerabilities and Issues — Contao@* CVE List

Lucene search

ContaoContao*

3 matches found

CVE•added 2024/04/09 5:16 p.m.•46 views

CVE-2024-30262

Contao is an open source content management system. Prior to version 4.13.40, when a frontend member changes their password in the personal data or the password lost module, the corresponding remember-me tokens are not removed. If someone compromises an account and is able to get a remember-me toke...

7.1CVSS5.7AI score0.00212EPSS

CVE•added 2024/09/17 8:15 p.m.•43 views

CVE-2024-45604

Contao is an Open Source CMS. In affected versions authenticated users in the back end can list files outside the document root in the file selector widget. Users are advised to update to Contao 4.13.49. There are no known workarounds for this vulnerability.

4.3CVSS4.5AI score0.00253EPSS

CVE•added 2020/01/29 3:15 p.m.•38 views

CVE-2012-4383

contao prior to 2.11.4 has a sql injection vulnerability

8.8CVSS8.7AI score0.00257EPSS