Latest concretecms concrete cms Vulnerabilities

CVE-2024-1245
Concrete CMS version 9 before 9.2.5 is vulnerable to stored XSS in file tags and description attributes
composer/concrete5/concrete5>=9.0.0RC1<9.2.5
Concretecms Concrete Cms>=9.0.0<9.2.5
CVE-2024-1246
Concrete CMS in version 9 before 9.2.5 is vulnerable to reflected XSS via the Image URL Import Feature
composer/concrete5/concrete5>=9.0.0RC1<9.2.5
Concretecms Concrete Cms>=9.0.0<9.2.5
CVE-2024-1247
Concrete CMS version 9 before 9.2.5 vulnerable to stored XSS via the Role Name field
composer/concrete5/concrete5>=9.0.0RC1<9.2.5
Concretecms Concrete Cms>=9.0.0<9.2.5
CVE-2023-48652
Concrete CMS 9 before 9.2.3 is vulnerable to Cross Site Request Forgery (CSRF) via `/ccm/system/dialogs/logs/delete_all/submit`. An attacker can force an admin user to delete server report logs on a w...
>=9.0<9.2.3
Concretecms Concrete Cms>=9.0<9.2.3
composer/concrete5/concrete5<9.2.3
CVE-2023-48648
Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows unauthorized access because directories can be created with insecure permissions. File creation functions (such as the Mkdir() function) gives un...
composer/concrete5/concrete5>=9.0.0<9.2.2
composer/concrete5/concrete5<8.5.13
Concretecms Concrete Cms<8.5.13
Concretecms Concrete Cms>=9.0<9.2.2
CVE-2023-48649
Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows stored XSS on the Admin page via an uploaded file name.
Concretecms Concrete Cms<8.5.13
Concretecms Concrete Cms>=9.0<9.2.2
composer/concrete5/concrete5>=9.0.0<9.2.2
composer/concrete5/concrete5<8.5.13
CVE-2023-44760
Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1 allow an attacker to execute arbitrary code via a crafted script to the Header and Footer Tracking Codes of the SEO & Statis...
composer/concrete5/concrete5<=9.2.1
Concretecms Concrete Cms=9.2.1
=9.2.1
CVE-2023-44763
Concrete CMS v9.2.1 is affected by an Arbitrary File Upload vulnerability via a Thumbnail file upload, which allows Cross-Site Scripting (XSS). NOTE: the vendor's position is that a customer is suppos...
Concretecms Concrete Cms=9.2.1
composer/concrete5/concrete5<=9.2.1
=9.2.1
CVE-2023-44761
Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS versions affected to 8.5.13 and below, and 9.0.0 through 9.2.1 allow a local attacker to execute arbitrary code via a crafted script...
Concretecms Concrete Cms=9.2.1
composer/concrete5/concrete5<=9.2.1
CVE-2023-44762
A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the Tags from Settings - Tags.
composer/concrete5/concrete5<=9.2.1
Concretecms Concrete Cms=9.2.1
CVE-2023-44764
A Cross Site Scripting (XSS) vulnerability in Concrete CMS before 9.2.3 exists via the Name parameter during installation (aka Site of Installation or Settings).
composer/concrete5/concrete5<=9.2.1
Concretecms Concrete Cms=9.2.1
=9.2.1
CVE-2023-44766
A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SEO - Extra from Page Settings.
Concretecms Concrete Cms=9.2.1
composer/concrete5/concrete5<=9.2.1
=9.2.1
CVE-2023-44765
A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to Plural Handle of the Data Objects from System & Settings.
Concretecms Concrete Cms=9.2.1
CVE-2023-28820
Concrete CMS (previously concrete5) before 9.1 is vulnerable to stored XSS in RSS Displayer via the href attribute because the link element input was not sanitized.
Concretecms Concrete Cms<9.1.0
composer/concrete5/concrete5<9.1.0
CVE-2023-28821
Concrete CMS (previously concrete5) before 9.1 did not have a rate limit for password resets.
Concretecms Concrete Cms<9.1.0
composer/concrete5/concrete5<9.1.0
CVE-2023-28471
Concrete CMS (previously concrete5) before 9.2 is vulnerable to Stored XSS via a container name.
<9.2.0
Concretecms Concrete Cms<9.2.0
composer/concrete5/concrete5<9.2.0
CVE-2023-28472
Concrete CMS (previously concrete5) before 9.2 does not have Secure and HTTP only attributes set for ccmPoll cookies.
Concretecms Concrete Cms<9.2.0
CVE-2023-28477
Concrete CMS (previously concrete5) before 9.2 is vulnerable to stored XSS on API Integrations via the name parameter.
Concretecms Concrete Cms<9.2.0
composer/concrete5/concrete5<9.2.0
CVE-2023-28473
Concrete CMS (previously concrete5) before 9.2 is vulnerable to possible Auth bypass in the jobs section.
Concretecms Concrete Cms<9.2.0
composer/concrete5/concrete5<9.2.0
CVE-2023-28474
Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is vulnerable to Stored XSS on Saved Presets on search.
<9.2.0
Concretecms Concrete Cms<9.2.0
composer/concrete5/concrete5<9.2.0
CVE-2023-28476
Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is vulnerable to Stored XSS on Tags on uploaded files.
<9.2.0
Concretecms Concrete Cms<9.2.0
composer/concrete5/concrete5<9.2.0
CVE-2023-28475
Concrete CMS (previously concrete5) before 9.2 is vulnerable to Reflected XSS on the Reply form because msgID was not sanitized.
Concretecms Concrete Cms<9.2.0
CVE-2023-28819
Concrete CMS (previously concrete5) before 9.1 is vulnerable to Stored XSS in uploaded file and folder names.
Concretecms Concrete Cms<9.1.0
composer/concrete5/concrete5<9.1.0
CVE-2022-43556
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to XSS in the text input field since the result dashboard page output is not sanitized. The Concrete CMS securi...
Concretecms Concrete Cms<8.5.10
Concretecms Concrete Cms>=9.0.0<=9.1.2
CVE-2022-43688
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Stored Cross-Site Scripting (XSS) in icons since the Microsoft application tile color is not sanitized. Reme...
Concretecms Concrete Cms<8.5.10
Concretecms Concrete Cms>=9.0.0<=9.1.2
CVE-2022-43690
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 did not use strict comparison for the legacy_salt so that limited authentication bypass could occur if using this functionali...
Concretecms Concrete Cms<8.5.10
Concretecms Concrete Cms>=9.0.0<=9.1.2
CVE-2022-43689
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to XXE based DNS requests leading to IP disclosure.
Concretecms Concrete Cms<8.5.10
Concretecms Concrete Cms>=9.0.0<=9.1.2
CVE-2022-43691
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 inadvertently disclose server-side sensitive information (secrets in environment variables and server information) when Debug...
Concretecms Concrete Cms<8.5.10
Concretecms Concrete Cms>=9.0.0<=9.1.2
CVE-2022-43695
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Stored Cross-Site Scripting (XSS) in dashboard/system/express/entities/associations because Concrete CMS all...
Concretecms Concrete Cms<8.5.10
Concretecms Concrete Cms>=9.0.0<=9.1.2
CVE-2022-43687
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 does not issue a new session ID upon successful OAuth authentication. Remediate by updating to Concrete CMS 9.1.3+ or 8.5.10+...
Concretecms Concrete Cms<8.5.10
Concretecms Concrete Cms>=9.0.0<=9.1.2
CVE-2022-43686
In Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2, the authTypeConcreteCookieMap table can be filled up causing a denial of service (high load).
Concretecms Concrete Cms<8.5.10
Concretecms Concrete Cms>=9.0.0<=9.1.2
CVE-2022-43967
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS in the multilingual report due to un-sanitized output. Remediate by updating to Concrete CMS 9...
Concretecms Concrete Cms<8.5.10
Concretecms Concrete Cms>=9.0.0<=9.1.2
CVE-2022-43968
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS in the dashboard icons due to un-sanitized output. Remediate by updating to Concrete CMS 9.1.3...
Concretecms Concrete Cms<8.5.10
Concretecms Concrete Cms>=9.0.0<=9.1.2
CVE-2022-43694
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS in the image manipulation library due to un-sanitized output.
Concretecms Concrete Cms<8.5.10
Concretecms Concrete Cms>=9.0.0<=9.1.2
CVE-2022-43692
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS - user can cause an administrator to trigger reflected XSS with a url if the targeted administ...
Concretecms Concrete Cms<8.5.10
Concretecms Concrete Cms>=9.0.0<=9.1.2
CVE-2022-43693
Concrete CMS is vulnerable to CSRF due to the lack of "State" parameter for external Concrete authentication service for users of Concrete who use the "out of the box" core OAuth.
Concretecms Concrete Cms<8.5.10
Concretecms Concrete Cms>=9.0.0<=9.1.2
CVE-2022-30120
Concretecms Concrete Cms<8.5.8
Concretecms Concrete Cms>=9.0.0<9.1.0
CVE-2022-30118
Title for CVE: XSS in /dashboard/system/express/entities/forms/save_control/[GUID]: old browsers only.Description: When using Internet Explorer with the XSS protection disabled, editing a form control...
Concretecms Concrete Cms<8.5.8
Concretecms Concrete Cms>=9.0.0<9.1.0
CVE-2022-30117
Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 allow traversal in /index.php/ccm/system/file/upload which could result in an Arbitrary File Delete exploit. This was remediated by sanit...
Concretecms Concrete Cms<8.5.8
Concretecms Concrete Cms>=9.0.0<9.1.0
CVE-2021-22954
A cross-site request forgery vulnerability exists in Concrete CMS <v9 that could allow an attacker to make requests on behalf of other users.
Concretecms Concrete Cms<9.0
CVE-2021-40101
An issue was discovered in Concrete CMS before 8.5.7. The Dashboard allows a user's password to be changed without a prompt for the current password.
Concretecms Concrete Cms<8.5.7
CVE-2021-22968
A bypass of adding remote files in Concrete CMS (previously concrete5) File Manager leads to remote code execution in Concrete CMS (concrete5) versions 8.5.6 and below.The external file upload feature...
Concretecms Concrete Cms<8.5.7
CVE-2021-22966
Privilege escalation from Editor to Admin using Groups in Concrete CMS versions 8.5.6 and below. If a group is granted "view" permissions on the bulkupdate page, then users in that group can escalate ...
Concretecms Concrete Cms<8.5.7
CVE-2021-22951
Concretecms Concrete Cms<8.5.7
CVE-2021-22970
Concrete CMS (formerly concrete5) versions 8.5.6 and below and version 9.0.0 allow local IP importing causing the system to be vulnerable toa. SSRF attacks on the private LAN servers by reading files ...
Concretecms Concrete Cms<=8.5.6
Concretecms Concrete Cms=9.0
CVE-2021-22958
A Server-Side Request Forgery vulnerability was found in concrete5 < 8.5.5 that allowed a decimal notation encoded IP address to bypass the limitations in place for localhost allowing interaction with...
Concretecms Concrete Cms<8.5.5
CVE-2021-40108
An issue was discovered in Concrete CMS through 8.5.5. The Calendar is vulnerable to CSRF. ccm_token is not verified on the ccm/calendar/dialogs/event/add/save endpoint.
Concretecms Concrete Cms<8.5.6
CVE-2021-40109
A SSRF issue was discovered in Concrete CMS through 8.5.5. Users can access forbidden files on their local network. A user with permissions to upload files from external sites can upload a URL that re...
Concretecms Concrete Cms<8.5.6
CVE-2021-40098
An issue was discovered in Concrete CMS through 8.5.5. Path Traversal leading to RCE via external form by adding a regular expression.
Concretecms Concrete Cms<=8.5.5
CVE-2021-40103
An issue was discovered in Concrete CMS through 8.5.5. Path Traversal can lead to Arbitrary File Reading and SSRF.
Concretecms Concrete Cms<=8.5.5

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203