Vulnerabilities > Boltcms > Bolt > 3.7.2

DATE CVE VULNERABILITY TITLE RISK
2022-08-01 CVE-2022-31321 Improper Input Validation vulnerability in Boltcms Bolt
The foldername parameter in Bolt 5.1.7 was discovered to have incorrect input validation, allowing attackers to perform directory enumeration or cause a Denial of Service (DoS) via a crafted input.
network
low complexity
boltcms CWE-20
critical
 9.1
9.1
2021-02-17 CVE-2021-27367 Path Traversal vulnerability in Boltcms Bolt
Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php in Bolt before 4.1.13 allow Directory Traversal.
network
low complexity
boltcms CWE-22
7.5
7.5