Vulnerabilities > Redaxo > Redaxo > 5.12.1

DATE CVE VULNERABILITY TITLE RISK
2021-09-09 CVE-2021-39458 Information Exposure Through an Error Message vulnerability in Redaxo 5.12.1
Triggering an error page of the import process in Yakamara Media Redaxo CMS version 5.12.1 allows an authenticated CMS user has to alternate the files of a vaild file backup.
network
low complexity
redaxo CWE-209
4.0
4.0
2021-09-09 CVE-2021-39459 OS Command Injection vulnerability in Redaxo 5.12.1
Remote code execution in the modules component in Yakamara Media Redaxo CMS version 5.12.1 allows an authenticated CMS user to execute code on the hosting system via a module containing malicious PHP code.
network
low complexity
redaxo CWE-78
critical
 9.0
9.0