Vulnerabilities > Backdropcms

DATE	CVE	VULNERABILITY TITLE	RISK
2024-07-22	CVE-2024-41709	Cross-site Scripting vulnerability in Backdropcms Backdrop Backdrop CMS before 1.27.3 and 1.28.x before 1.28.2 does not sufficiently sanitize field labels before they are displayed in certain places. network low complexity backdropcms CWE-79	4.8
2023-04-24	CVE-2023-31045	Cross-site Scripting vulnerability in Backdropcms Backdrop A stored Cross-site scripting (XSS) issue in Text Editors and Formats in Backdrop CMS before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via the name parameter. network low complexity backdropcms CWE-79	4.8
2023-01-11	CVE-2012-10004	Cross-site Scripting vulnerability in Backdropcms Basic Cart 1.0/1.1 A vulnerability was found in backdrop-contrib Basic Cart on Drupal. network low complexity backdropcms CWE-79	6.1
2022-11-23	CVE-2022-42095	Cross-site Scripting vulnerability in Backdropcms Backdrop CMS 1.23.0 Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Page content. network low complexity backdropcms CWE-79	4.8
2022-11-22	CVE-2022-42094	Cross-site Scripting vulnerability in Backdropcms Backdrop 1.23.0 Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the 'Card' content. network low complexity backdropcms CWE-79	4.8
2022-11-22	CVE-2022-42097	Cross-site Scripting vulnerability in Backdropcms Backdrop 1.23.0 Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via 'Comment.' . network low complexity backdropcms CWE-79	4.8
2022-11-21	CVE-2022-42096	Cross-site Scripting vulnerability in Backdropcms Backdrop CMS 1.23.0 Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via Post content. network low complexity backdropcms CWE-79	4.8
2022-10-07	CVE-2022-42092	Unrestricted Upload of File with Dangerous Type vulnerability in Backdropcms Backdrop CMS 1.22.0 Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via 'themes' that allows attackers to Remote Code Execution. network low complexity backdropcms CWE-434	7.2
2022-02-15	CVE-2022-24590	Cross-site Scripting vulnerability in Backdropcms Backdrop 1.21.1 A stored cross-site scripting (XSS) vulnerability in the Add Link function of BackdropCMS v1.21.1 allows attackers to execute arbitrary web scripts or HTML. network backdropcms CWE-79	3.5
2022-02-03	CVE-2021-45268	Cross-Site Request Forgery (CSRF) vulnerability in Backdropcms Backdrop 1.20.0 A Cross Site Request Forgery (CSRF) vulnerability exists in Backdrop CMS 1.20, which allows Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webserver via uploading a maliciously add-on with crafted PHP file. network low complexity backdropcms CWE-352	8.8

Vulnerabilities > Backdropcms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Backdropcms"}]}

Vulnerabilities > Backdropcms