Vulnerabilities > Octobercms

DATE CVE VULNERABILITY TITLE RISK
2024-02-08 CVE-2023-25365 Unrestricted Upload of File with Dangerous Type vulnerability in Octobercms October 3.2.0
Cross Site Scripting vulnerability found in October CMS v.3.2.0 allows local attacker to execute arbitrary code via the file type .mp3
local
low complexity
octobercms CWE-434
7.8
2023-12-01 CVE-2023-44381 Code Injection vulnerability in Octobercms October
October is a Content Management System (CMS) and web platform to assist with development workflow.
network
low complexity
octobercms CWE-94
4.9
2023-12-01 CVE-2023-44382 Code Injection vulnerability in Octobercms October
October is a Content Management System (CMS) and web platform to assist with development workflow.
network
low complexity
octobercms CWE-94
critical
9.1
2023-11-29 CVE-2023-44383 Cross-site Scripting vulnerability in Octobercms October
October is a Content Management System (CMS) and web platform to assist with development workflow.
network
low complexity
octobercms CWE-79
5.4
2023-09-28 CVE-2023-43876 Cross-site Scripting vulnerability in Octobercms October 3.4.16
A Cross-Site Scripting (XSS) vulnerability in installation of October v.3.4.16 allows an attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost field.
network
low complexity
octobercms CWE-79
5.4
2023-07-26 CVE-2023-37692 Cross-site Scripting vulnerability in Octobercms October 3.4.4
An arbitrary file upload vulnerability in October CMS v3.4.4 allows attackers to execute arbitrary code via a crafted file.
network
low complexity
octobercms CWE-79
5.4
2022-10-13 CVE-2022-35944 Code Injection vulnerability in Octobercms October
October is a self-hosted Content Management System (CMS) platform based on the Laravel PHP Framework.
network
low complexity
octobercms CWE-94
7.2
2022-07-12 CVE-2022-24800 Race Condition vulnerability in Octobercms October
October/System is the system module for October CMS, a self-hosted CMS platform based on the Laravel PHP Framework.
6.8
2022-02-24 CVE-2022-23655 Improper Verification of Cryptographic Signature vulnerability in Octobercms October
Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework.
network
high complexity
octobercms CWE-347
2.6
2022-02-23 CVE-2022-21705 Unspecified vulnerability in Octobercms October
Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework.
network
low complexity
octobercms
7.2