Vulnerabilities > Octobercms > October
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-26 | CVE-2024-24764 | Open Redirect vulnerability in Octobercms October October is a self-hosted CMS platform based on the Laravel PHP Framework. | 4.8 |
| 2024-02-08 | CVE-2023-25365 | Unrestricted Upload of File with Dangerous Type vulnerability in Octobercms October 3.2.0 Cross Site Scripting vulnerability found in October CMS v.3.2.0 allows local attacker to execute arbitrary code via the file type .mp3 | 7.8 |
| 2023-12-01 | CVE-2023-44381 | Code Injection vulnerability in Octobercms October October is a Content Management System (CMS) and web platform to assist with development workflow. | 4.9 |
| 2023-12-01 | CVE-2023-44382 | Code Injection vulnerability in Octobercms October October is a Content Management System (CMS) and web platform to assist with development workflow. | 9.1 |
| 2023-11-29 | CVE-2023-44383 | Cross-site Scripting vulnerability in Octobercms October October is a Content Management System (CMS) and web platform to assist with development workflow. | 5.4 |
| 2023-09-28 | CVE-2023-43876 | Cross-site Scripting vulnerability in Octobercms October 3.4.16 A Cross-Site Scripting (XSS) vulnerability in installation of October v.3.4.16 allows an attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost field. | 5.4 |
| 2023-07-26 | CVE-2023-37692 | Cross-site Scripting vulnerability in Octobercms October 3.4.4 An arbitrary file upload vulnerability in October CMS v3.4.4 allows attackers to execute arbitrary code via a crafted file. | 5.4 |
| 2022-10-13 | CVE-2022-35944 | Code Injection vulnerability in Octobercms October October is a self-hosted Content Management System (CMS) platform based on the Laravel PHP Framework. | 7.2 |
| 2022-07-12 | CVE-2022-24800 | Race Condition vulnerability in Octobercms October October/System is the system module for October CMS, a self-hosted CMS platform based on the Laravel PHP Framework. | 6.8 |
| 2022-02-24 | CVE-2022-23655 | Improper Verification of Cryptographic Signature vulnerability in Octobercms October Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. | 2.6 |