Vulnerabilities > Concretecms > Concrete CMS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-27 | CVE-2021-40108 | Cross-Site Request Forgery (CSRF) vulnerability in Concretecms Concrete CMS An issue was discovered in Concrete CMS through 8.5.5. | 6.8 |
| 2021-09-27 | CVE-2021-40109 | Server-Side Request Forgery (SSRF) vulnerability in Concretecms Concrete CMS A SSRF issue was discovered in Concrete CMS through 8.5.5. | 5.5 |
| 2021-09-27 | CVE-2021-40097 | Path Traversal vulnerability in Concretecms Concrete CMS An issue was discovered in Concrete CMS through 8.5.5. | 6.5 |
| 2021-09-27 | CVE-2021-40103 | Path Traversal vulnerability in Concretecms Concrete CMS An issue was discovered in Concrete CMS through 8.5.5. | 5.0 |
| 2021-09-27 | CVE-2021-40104 | Unspecified vulnerability in Concretecms Concrete CMS An issue was discovered in Concrete CMS through 8.5.5. | 5.0 |
| 2021-09-27 | CVE-2021-40105 | Cross-site Scripting vulnerability in Concretecms Concrete CMS An issue was discovered in Concrete CMS through 8.5.5. | 4.3 |
| 2021-09-27 | CVE-2021-40106 | Cross-site Scripting vulnerability in Concretecms Concrete CMS An issue was discovered in Concrete CMS through 8.5.5. | 4.3 |
| 2021-09-24 | CVE-2021-40099 | Unspecified vulnerability in Concretecms Concrete CMS An issue was discovered in Concrete CMS through 8.5.5. | 6.5 |
| 2021-09-24 | CVE-2021-40102 | Deserialization of Untrusted Data vulnerability in Concretecms Concrete CMS An issue was discovered in Concrete CMS through 8.5.5. | 6.4 |
| 2021-09-23 | CVE-2021-22949 | Cross-Site Request Forgery (CSRF) vulnerability in Concretecms Concrete CMS A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to duplicate files which can lead to UI inconvenience, and exhaustion of disk space.Credit for discovery: "Solar Security CMS Research Team" | 5.8 |