Vulnerabilities > Boltcms > Bolt > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-02-17 CVE-2021-27367 Path Traversal vulnerability in Boltcms Bolt
Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php in Bolt before 4.1.13 allow Directory Traversal.
network
low complexity
boltcms CWE-22
5.0
2020-12-30 CVE-2020-28925 Unspecified vulnerability in Boltcms Bolt
Bolt before 3.7.2 does not restrict filter options in a Request in the Twig context, and is therefore inconsistent with the "How to Harden Your PHP for Better Security" guidance.
network
low complexity
boltcms
5.0
2020-06-08 CVE-2020-4041 Cross-site Scripting vulnerability in Boltcms Bolt
In Bolt CMS before version 3.7.1, the filename of uploaded files was vulnerable to stored XSS.
network
low complexity
boltcms CWE-79
6.1
2020-06-08 CVE-2020-4040 Cross-Site Request Forgery (CSRF) vulnerability in Boltcms Bolt
Bolt CMS before version 3.7.1 lacked CSRF protection in the preview generating endpoint.
network
low complexity
boltcms CWE-352
4.3
2019-12-29 CVE-2019-20058 Cross-site Scripting vulnerability in Boltcms Bolt 3.7.0
Bolt 3.7.0, if Symfony Web Profiler is used, allows XSS because unsanitized search?search= input is shown on the _profiler page.
network
low complexity
boltcms CWE-79
6.1
2019-08-23 CVE-2019-15485 Cross-site Scripting vulnerability in Boltcms Bolt
Bolt before 3.6.10 has XSS via createFolder or createFile in Controller/Async/FilesystemManager.php.
network
boltcms CWE-79
4.3
2019-08-23 CVE-2019-15484 Cross-site Scripting vulnerability in Boltcms Bolt
Bolt before 3.6.10 has XSS via an image's alt or title field.
network
boltcms CWE-79
4.3
2019-08-23 CVE-2019-15483 Cross-site Scripting vulnerability in Boltcms Bolt
Bolt before 3.6.10 has XSS via a title that is mishandled in the system log.
network
boltcms CWE-79
4.3
2019-04-05 CVE-2019-10874 Cross-Site Request Forgery (CSRF) vulnerability in Boltcms Bolt 3.6.6
Cross Site Request Forgery (CSRF) in the bolt/upload File Upload feature in Bolt CMS 3.6.6 allows remote attackers to execute arbitrary code by uploading a JavaScript file to include executable extensions in the file/edit/config/config.yml configuration file.
network
boltcms CWE-352
6.8
2019-03-07 CVE-2019-9185 Unrestricted Upload of File with Dangerous Type vulnerability in Boltcms Bolt
Controller/Async/FilesystemManager.php in the filemanager in Bolt before 3.6.5 allows remote attackers to execute arbitrary PHP code by renaming a previously uploaded file to have a .php extension.
network
low complexity
boltcms CWE-434
6.5