Vulnerabilities > Contao > Contao > 4.8.5

DATE CVE VULNERABILITY TITLE RISK
2024-09-17 CVE-2024-45398 Unrestricted Upload of File with Dangerous Type vulnerability in Contao
Contao is an Open Source CMS.
network
low complexity
contao CWE-434
8.8
2024-09-17 CVE-2024-45604 Path Traversal vulnerability in Contao
Contao is an Open Source CMS.
network
low complexity
contao CWE-22
4.3
2024-04-09 CVE-2024-30262 Insufficient Session Expiration vulnerability in Contao
Contao is an open source content management system.
network
low complexity
contao CWE-613
7.1
2024-04-09 CVE-2024-28190 Cross-site Scripting vulnerability in Contao
Contao is an open source content management system.
network
low complexity
contao CWE-79
5.4
2024-04-09 CVE-2024-28191 Injection vulnerability in Contao
Contao is an open source content management system.
network
low complexity
contao CWE-74
5.4
2024-04-09 CVE-2024-28234 Unspecified vulnerability in Contao
Contao is an open source content management system.
network
low complexity
contao
4.7
2023-07-25 CVE-2023-36806 Cross-site Scripting vulnerability in Contao
Contao is an open source content management system.
network
low complexity
contao CWE-79
5.4
2023-04-25 CVE-2023-29200 Path Traversal vulnerability in Contao
Contao is an open source content management system.
network
low complexity
contao CWE-22
6.5
2021-08-12 CVE-2021-35955 Cross-site Scripting vulnerability in Contao
Contao >=4.0.0 allows backend XSS via HTML attributes to an HTML field.
network
low complexity
contao CWE-79
4.8
2021-06-23 CVE-2021-35210 Cross-site Scripting vulnerability in Contao
Contao 4.5.x through 4.9.x before 4.9.16, and 4.10.x through 4.11.x before 4.11.5, allows XSS.
network
low complexity
contao CWE-79
6.1