Vulnerabilities > Concretecms > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-09-27 CVE-2021-40108 Cross-Site Request Forgery (CSRF) vulnerability in Concretecms Concrete CMS
An issue was discovered in Concrete CMS through 8.5.5. 		6.8
6.8
2021-09-27 CVE-2021-40109 Server-Side Request Forgery (SSRF) vulnerability in Concretecms Concrete CMS
A SSRF issue was discovered in Concrete CMS through 8.5.5.
network
low complexity
concretecms CWE-918
5.5
5.5
2021-09-27 CVE-2021-40097 Path Traversal vulnerability in Concretecms Concrete CMS
An issue was discovered in Concrete CMS through 8.5.5.
network
low complexity
concretecms CWE-22
6.5
6.5
2021-09-27 CVE-2021-40103 Path Traversal vulnerability in Concretecms Concrete CMS
An issue was discovered in Concrete CMS through 8.5.5.
network
low complexity
concretecms CWE-22
5.0
5.0
2021-09-27 CVE-2021-40104 Unspecified vulnerability in Concretecms Concrete CMS
An issue was discovered in Concrete CMS through 8.5.5.
network
low complexity
concretecms
5.0
5.0
2021-09-27 CVE-2021-40105 Cross-site Scripting vulnerability in Concretecms Concrete CMS
An issue was discovered in Concrete CMS through 8.5.5. 		4.3
4.3
2021-09-27 CVE-2021-40106 Cross-site Scripting vulnerability in Concretecms Concrete CMS
An issue was discovered in Concrete CMS through 8.5.5. 		4.3
4.3
2021-09-24 CVE-2021-40099 Unspecified vulnerability in Concretecms Concrete CMS
An issue was discovered in Concrete CMS through 8.5.5.
network
low complexity
concretecms
6.5
6.5
2021-09-24 CVE-2021-40102 Deserialization of Untrusted Data vulnerability in Concretecms Concrete CMS
An issue was discovered in Concrete CMS through 8.5.5.
network
low complexity
concretecms CWE-502
6.4
6.4
2021-09-23 CVE-2021-22949 Cross-Site Request Forgery (CSRF) vulnerability in Concretecms Concrete CMS
A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to duplicate files which can lead to UI inconvenience, and exhaustion of disk space.Credit for discovery: "Solar Security CMS Research Team" 		5.8
5.8