Vulnerabilities > Concretecms

DATE	CVE	VULNERABILITY TITLE	RISK
2021-09-27	CVE-2021-40103	Path Traversal vulnerability in Concretecms Concrete CMS An issue was discovered in Concrete CMS through 8.5.5. network low complexity concretecms CWE-22	7.5
2021-09-27	CVE-2021-40104	Unspecified vulnerability in Concretecms Concrete CMS An issue was discovered in Concrete CMS through 8.5.5. network low complexity concretecms	7.5
2021-09-27	CVE-2021-40105	Cross-site Scripting vulnerability in Concretecms Concrete CMS An issue was discovered in Concrete CMS through 8.5.5. network low complexity concretecms CWE-79	6.1
2021-09-27	CVE-2021-40106	Cross-site Scripting vulnerability in Concretecms Concrete CMS An issue was discovered in Concrete CMS through 8.5.5. network low complexity concretecms CWE-79	6.1
2021-09-24	CVE-2021-40099	Unspecified vulnerability in Concretecms Concrete CMS An issue was discovered in Concrete CMS through 8.5.5. network low complexity concretecms	7.2
2021-09-24	CVE-2021-40100	Cross-site Scripting vulnerability in Concretecms Concrete CMS An issue was discovered in Concrete CMS through 8.5.5. network low complexity concretecms CWE-79	5.4
2021-09-24	CVE-2021-40102	Deserialization of Untrusted Data vulnerability in Concretecms Concrete CMS An issue was discovered in Concrete CMS through 8.5.5. network low complexity concretecms CWE-502 critical	9.1
2021-09-23	CVE-2021-22949	Cross-Site Request Forgery (CSRF) vulnerability in Concretecms Concrete CMS A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to duplicate files which can lead to UI inconvenience, and exhaustion of disk space.Credit for discovery: "Solar Security CMS Research Team" network low complexity concretecms CWE-352	5.4
2021-09-23	CVE-2021-22950	Cross-Site Request Forgery (CSRF) vulnerability in Concretecms Concrete CMS Concrete CMS prior to 8.5.6 had a CSFR vulnerability allowing attachments to comments in the conversation section to be deleted.Credit for discovery: "Solar Security Research Team" network low complexity concretecms CWE-352	6.5
2021-09-23	CVE-2021-22953	Cross-Site Request Forgery (CSRF) vulnerability in Concretecms Concrete CMS A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to clone topics which can lead to UI inconvenience, and exhaustion of disk space.Credit for discovery: "Solar Security Research Team" network low complexity concretecms CWE-352	5.4

Vulnerabilities > Concretecms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Concretecms"}]}

Vulnerabilities > Concretecms