Vulnerabilities > Concretecms > Concrete CMS > 8.2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-09 | CVE-2018-13790 | Server-Side Request Forgery (SSRF) vulnerability in Concretecms Concrete CMS 8.2.0 A Server Side Request Forgery (SSRF) vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on the local network and mapping of the internal network, because of URL functionality on the File Manager page. | 7.2 |
| 2018-02-26 | CVE-2017-18195 | Unspecified vulnerability in Concretecms Concrete CMS An issue was discovered in tools/conversations/view_ajax.php in Concrete5 before 8.3.0. | 5.3 |