Vulnerabilities > Contao > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-17 | CVE-2024-45398 | Unrestricted Upload of File with Dangerous Type vulnerability in Contao Contao is an Open Source CMS. | 8.8 |
| 2020-01-08 | CVE-2014-1860 | Deserialization of Untrusted Data vulnerability in Contao CMS Contao CMS through 3.2.4 has PHP Object Injection Vulnerabilities | 7.5 |
| 2019-07-09 | CVE-2019-11512 | SQL Injection vulnerability in Contao Contao 4.x allows SQL Injection. | 7.5 |
| 2019-04-25 | CVE-2017-16558 | SQL Injection vulnerability in Contao CMS Contao 3.0.0 to 3.5.30 and 4.0.0 to 4.4.7 contains an SQL injection vulnerability in the back end as well as in the listing module. | 7.5 |
| 2019-04-17 | CVE-2019-10643 | Key Management Errors vulnerability in Contao CMS 4.7.0 Contao 4.7 allows Use of a Key Past its Expiration Date. | 7.5 |