Vulnerabilities > Boltcms > Bolt > 3.7.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-17 | CVE-2021-27367 | Path Traversal vulnerability in Boltcms Bolt Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php in Bolt before 4.1.13 allow Directory Traversal. | 5.0 |
2020-12-30 | CVE-2020-28925 | Unspecified vulnerability in Boltcms Bolt Bolt before 3.7.2 does not restrict filter options in a Request in the Twig context, and is therefore inconsistent with the "How to Harden Your PHP for Better Security" guidance. | 5.0 |