Vulnerabilities > Concretecms

DATE CVE VULNERABILITY TITLE RISK
2021-09-27 CVE-2021-40097 Path Traversal vulnerability in Concretecms Concrete CMS
An issue was discovered in Concrete CMS through 8.5.5.
network
low complexity
concretecms CWE-22
8.8
2021-09-27 CVE-2021-40098 Path Traversal vulnerability in Concretecms Concrete CMS
An issue was discovered in Concrete CMS through 8.5.5.
network
low complexity
concretecms CWE-22
critical
9.8
2021-09-27 CVE-2021-40103 Path Traversal vulnerability in Concretecms Concrete CMS
An issue was discovered in Concrete CMS through 8.5.5.
network
low complexity
concretecms CWE-22
7.5
2021-09-27 CVE-2021-40104 Unspecified vulnerability in Concretecms Concrete CMS
An issue was discovered in Concrete CMS through 8.5.5.
network
low complexity
concretecms
7.5
2021-09-27 CVE-2021-40105 Cross-site Scripting vulnerability in Concretecms Concrete CMS
An issue was discovered in Concrete CMS through 8.5.5.
network
low complexity
concretecms CWE-79
6.1
2021-09-27 CVE-2021-40106 Cross-site Scripting vulnerability in Concretecms Concrete CMS
An issue was discovered in Concrete CMS through 8.5.5.
network
low complexity
concretecms CWE-79
6.1
2021-09-24 CVE-2021-40099 Unspecified vulnerability in Concretecms Concrete CMS
An issue was discovered in Concrete CMS through 8.5.5.
network
low complexity
concretecms
7.2
2021-09-24 CVE-2021-40100 Cross-site Scripting vulnerability in Concretecms Concrete CMS
An issue was discovered in Concrete CMS through 8.5.5.
network
low complexity
concretecms CWE-79
5.4
2021-09-24 CVE-2021-40102 Deserialization of Untrusted Data vulnerability in Concretecms Concrete CMS
An issue was discovered in Concrete CMS through 8.5.5.
network
low complexity
concretecms CWE-502
critical
9.1
2021-09-23 CVE-2021-22949 Cross-Site Request Forgery (CSRF) vulnerability in Concretecms Concrete CMS
A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to duplicate files which can lead to UI inconvenience, and exhaustion of disk space.Credit for discovery: "Solar Security CMS Research Team"
network
low complexity
concretecms CWE-352
5.4