Vulnerabilities > Octobercms > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-01 | CVE-2023-44382 | Unspecified vulnerability in Octobercms October October is a Content Management System (CMS) and web platform to assist with development workflow. | 9.1 |
| 2021-08-26 | CVE-2021-32648 | Unspecified vulnerability in Octobercms October octobercms in a CMS platform based on the Laravel PHP Framework. | 9.1 |
| 2021-02-05 | CVE-2021-3311 | Insufficient Session Expiration vulnerability in Octobercms October An issue was discovered in October through build 471. | 9.8 |
| 2020-06-04 | CVE-2020-11094 | Information Exposure Through Log Files vulnerability in Octobercms Debugbar The October CMS debugbar plugin before version 3.1.0 contains a feature where it will log all requests (and all information pertaining to each request including session data) whenever it is enabled. | 9.8 |
| 2017-11-17 | CVE-2017-1000197 | Channel and Path Errors vulnerability in Octobercms October October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating creating malicious files on the server. | 9.8 |
| 2017-11-17 | CVE-2017-1000196 | Code Injection vulnerability in Octobercms October October CMS build 412 is vulnerable to PHP code execution in the asset manager functionality resulting in site compromise and possibly other applications on the server. | 9.8 |
| 2017-11-17 | CVE-2017-1000194 | Unrestricted Upload of File with Dangerous Type vulnerability in Octobercms October October CMS build 412 is vulnerable to Apache configuration modification via file upload functionality resulting in site compromise and possibly other applications on the server. | 9.8 |