Vulnerabilities > Redaxo > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-17 | CVE-2024-25298 | Code Injection vulnerability in Redaxo 5.15.1 An issue was discovered in REDAXO version 5.15.1, allows attackers to execute arbitrary code and obtain sensitive information via modules.modules.php. | 7.2 |
| 2024-02-14 | CVE-2024-25301 | Code Injection vulnerability in Redaxo 5.15.1 Redaxo v5.15.1 was discovered to contain a remote code execution (RCE) vulnerability via the component /pages/templates.php. | 7.2 |
| 2021-09-09 | CVE-2021-39459 | OS Command Injection vulnerability in Redaxo 5.12.1 Remote code execution in the modules component in Yakamara Media Redaxo CMS version 5.12.1 allows an authenticated CMS user to execute code on the hosting system via a module containing malicious PHP code. | 7.2 |
| 2018-08-25 | CVE-2018-15850 | Cross-Site Request Forgery (CSRF) vulnerability in Redaxo CMS 4.7.2 An issue was discovered in REDAXO CMS 4.7.2. | 8.8 |