Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

packagist

concrete5/concrete5

packagist

Concrete – an open source content management system.

View on github.com · View on packagist.org

Security Advisories for concrete5/concrete5 in packagist

Moderate
4 months ago

Concrete CMS vulnerable to Reflected Cross-Site Scripting (XSS) in Conversation Messages Dashboard Page GSA_kwCzR0hTQS00cGNnLXBqcDUtM21jNs4ABKyv

packagist concrete5/concrete5
Low
4 months ago

Concrete CMS is vulnerable to Stored XSS from Home Folder on Members Dashboard page GSA_kwCzR0hTQS1jNXhmLXJtdjQtajg1aM4ABKyw

packagist concrete5/concrete5
Moderate
8 months ago

Concrete CMS Vulnerable to Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) GSA_kwCzR0hTQS1jbW00LXA5djItcTQ1M84ABGWv

packagist concrete5/concrete5
Moderate
8 months ago

ConcreteCMS Cross-Site Scripting (XSS) via HTML Block Text Field GSA_kwCzR0hTQS14ZnFmLTVyaGctNWM3M84ABGG7

packagist concrete5/concrete5
Moderate
9 months ago

Concrete CMS affected by a stored XSS in Folder Function.The "Add Folder" functionality GSA_kwCzR0hTQS1wdm14LW1qbWgtamZjeM4ABFQQ

packagist concrete5/concrete5
Moderate
about 1 year ago

Cross site scripting in Concrete CMS GSA_kwCzR0hTQS14OGgyLTI1NXEtamc0eM4AA_v1

packagist concrete5/concrete5
Moderate
about 1 year ago

Cross site scripting in Concrete CMS GSA_kwCzR0hTQS1xN3FyLTIycXctcHFneM4AA_wK

packagist concrete5/concrete5
Moderate
about 1 year ago

Concrete CMS stored XSS vulnerability in the "Top Navigator Bar" block GSA_kwCzR0hTQS05OThjLXE4aGgtaDhnds4AA_nA

packagist concrete5/concrete5
Moderate
about 1 year ago

Concrete CMS Stored XSS in the "Next&Previous Nav" block GSA_kwCzR0hTQS14bXhqLXYycTgtOHF4Ns4AA_kc

packagist concrete5/concrete5
Low
over 1 year ago

Concrete CMS vulnerable to Stored Cross-site Scripting GSA_kwCzR0hTQS1jNDd3LTltY2Ytdzk3Ms4AA-hx

packagist concrete5/concrete5
Moderate
over 1 year ago

Concrete CMS Stored Cross-site Scripting vulnerability GSA_kwCzR0hTQS1xNXd4LW05NXItNGNnY84AA-iF

packagist concrete5/concrete5
Moderate
over 1 year ago

Concrete CMS Stored XSS in getAttributeSetName GSA_kwCzR0hTQS13Nmo2LXc2angtdmYycs4AA-gS

packagist concrete5/concrete5
Moderate
over 1 year ago

Concrete CMS vulnerable to Stored Cross-site Scripting GSA_kwCzR0hTQS0zY3BmLWptbWMtOGptM84AA-Us

packagist concrete5/concrete5
Low
over 1 year ago

Concrete CMS Stored XSS in blocks of type file GSA_kwCzR0hTQS05cWhjLXBnNmotd2YyM84AA6nm

packagist concrete5/concrete5
Low
over 1 year ago

Concrete CMS Cross-site Scripting (XSS) in the Advanced File Search Filter GSA_kwCzR0hTQS14d3JoLXF4bWMteDhjOM4AA6ni

packagist concrete5/concrete5
Low
over 1 year ago

Concrete CMS Stored XSS in the Search Field GSA_kwCzR0hTQS1xZ205LXJ4bXEtanhtcc4AA6nk

packagist concrete5/concrete5
Low
over 1 year ago

Concrete CMS Stored XSS on the calendar color settings screen GSA_kwCzR0hTQS1wajQyLXI2NGYtNHhmcc4AA6ng

packagist concrete5/concrete5
Low
over 1 year ago

Concrete CMS Stored XSS in the Custom Class page editing GSA_kwCzR0hTQS1yN3E0LWN3OXItdmhwNM4AA6nj

packagist concrete5/concrete5
Low
almost 2 years ago

Concrete CMS Stored Cross-site Scripting vulnerability GSA_kwCzR0hTQS00bTdoLTM0eG0tNHdqds4AA5xy

packagist concrete5/concrete5
Moderate
almost 2 years ago

Concrete CMS Cross Site Request Forgery (CSRF) vulnerability GSA_kwCzR0hTQS00NW0yLThxN2YtOTN3ds4AA5nI

packagist concrete5/concrete5
Moderate
almost 2 years ago

Concrete CMS Stored XSS in Layout Preset Name GSA_kwCzR0hTQS14NTc3LWdjYzktOXhqas4AA5mn

packagist concrete5/concrete5
Moderate
almost 2 years ago

Concrete CMS Cross Site Request Forgery (CSRF) vulnerability GSA_kwCzR0hTQS0zcnh4LThmMzMtN3A2cM4AA5nJ

packagist concrete5/concrete5
Low
almost 2 years ago

Concrete CMS Stored XSS GSA_kwCzR0hTQS05eHh2LXE2cHAtOTZ3cc4AA5mo

packagist concrete5/concrete5
Low
almost 2 years ago

Concrete CMS vulnerable to stored XSS in file tags and description attributes GSA_kwCzR0hTQS1tZ3A2LWo2NTgtdmN3Oc4AA5MT

packagist concrete5/concrete5
Low
almost 2 years ago

Concrete CMS vulnerable to stored XSS via the Role Name field GSA_kwCzR0hTQS1xMjVoLWpjaDgtZ2ZycM4AA5MS

packagist concrete5/concrete5
Low
almost 2 years ago

Concrete CMS vulnerable to reflected XSS via the Image URL Import Feature GSA_kwCzR0hTQS05djN3LWNqN20tcWg1Z84AA5MU

packagist concrete5/concrete5
Moderate
almost 2 years ago

Concrete CMS Cross Site Request Forgery (CSRF) GSA_kwCzR0hTQS1xcDQyLTVwajctNGNjbc4AA4Bf

packagist concrete5/concrete5
Low
about 2 years ago

Concrete CMS Cross-site Scripting vulnerability GSA_kwCzR0hTQS0zNmZyLTN3ZzgtcTV2OM4AA3O6

packagist concrete5/concrete5
Moderate
about 2 years ago

Concrete CMS allows unauthorized access because directories can be created with insecure permissions GSA_kwCzR0hTQS1tODdoLWp4cjYtZjgyd84AA3O-

packagist concrete5/concrete5
Moderate
about 2 years ago

Concrete CMS Cross-site Scripting vulnerability GSA_kwCzR0hTQS00cXY2LTM3eHEtbWdxMs4AA2oD

packagist concrete5/concrete5
Moderate
about 2 years ago

ConcreteCMS vulnerable to Stored Cross-site Scripting GSA_kwCzR0hTQS13cnAyLTZ2NmotaGZtZ84AA2Uj

packagist concrete5/concrete5
Moderate
about 2 years ago

ConcreteCMS Cross-site Scripting vulnerability GSA_kwCzR0hTQS00MzdwLWpmbTQtMjM4N84AA2RU

packagist concrete5/concrete5
Moderate
about 2 years ago

ConcreteCMS Cross-site Scripting vulnerability GSA_kwCzR0hTQS02eHg3LXI4eDQtZnBqcM4AA2RS

packagist concrete5/concrete5
Moderate
about 2 years ago

ConcreteCMS Cross-site Scripting vulnerability GSA_kwCzR0hTQS1qNmg1LWdndjItM3Jmds4AA2RP

packagist concrete5/concrete5
Moderate
about 2 years ago

ConcreteCMS Cross-site Scripting vulnerability GSA_kwCzR0hTQS02Zm0zLXI2bWYtajg3Nc4AA2RQ

packagist concrete5/concrete5
Moderate
about 2 years ago

ConcreteCMS Cross-site Scripting vulnerability GSA_kwCzR0hTQS1wNGpqLWd3cGctOWp3aM4AA2RR

packagist concrete5/concrete5
Moderate
over 2 years ago

Concrete CMS Cross-site Scripting vulnerability GSA_kwCzR0hTQS04Njk5LWg0NWctN2htOM4AA0SM

packagist concrete5/concrete5
Moderate
over 2 years ago

Stored cross site scripting on API integration GSA_kwCzR0hTQS14Zm1qLXI4Nm0tajJocs4AAzA5

packagist concrete5/concrete5
Low
over 2 years ago

Concrete CMS (previously concrete5) is vulnerable to stored XSS in uploaded file and folder names GSA_kwCzR0hTQS00NzRmLW1janYtcGdybc4AAzA4

packagist concrete5/concrete5
Moderate
over 2 years ago

Missing rate limit for password resets GSA_kwCzR0hTQS1waDZnLTZ2OHctOHA2bc4AAzA7

packagist concrete5/concrete5
Low
over 2 years ago

Stored cross site scripting in RSS displayer GSA_kwCzR0hTQS1mZ3hqLWc3eDMtODVjcc4AAzA6

packagist concrete5/concrete5
Critical
over 2 years ago

Concrete CMS (previously concrete5) is vulnerable to possible auth bypass in the jobs section GSA_kwCzR0hTQS1wajc2LTc1Y20tMzU1Ms4AAzA1

packagist concrete5/concrete5
Moderate
over 2 years ago

Concrete CMS missing secure cookie parameters GSA_kwCzR0hTQS1mNTVyLThyY3YtbXFjZs4AAzA0

packagist concrete5/concrete5
Moderate
over 2 years ago

Reflected cross site scripting GSA_kwCzR0hTQS12Y3ByLWhtMm0tZ2pqas4AAzA3

packagist concrete5/concrete5
Moderate
over 2 years ago

Stored cross site scripting via container name GSA_kwCzR0hTQS05aDMzLTVmeHctcjJ4ds4AAzAx

packagist concrete5/concrete5
Moderate
over 2 years ago

Stored cross site scripting on tags GSA_kwCzR0hTQS0yZ2djLTU1MmMtcm1xcs4AAzA2

packagist concrete5/concrete5
Moderate
over 2 years ago

Stored cross site scripting on saved presets GSA_kwCzR0hTQS0yajI2LWo5NTMtMnJwaM4AAzAz

packagist concrete5/concrete5
Moderate
about 3 years ago

Concrete CMS vulnerable to cross-site scripting in the text input field GSA_kwCzR0hTQS14ajMzLThyNDMtcjIyN84AAwKC

packagist concrete5/concrete5
Moderate
about 3 years ago

Concrete CMS vulnerable to Reflected Cross-site Scripting via image manipulation library GSA_kwCzR0hTQS1qZm1jLTM5NzUtZnY1Zs4AAv3T

packagist concrete5/concrete5
Moderate
about 3 years ago

Concrete CMS vulnerable to Reflected Cross-site Scripting GSA_kwCzR0hTQS1yZzZ3LWMzNTItcDhwZ84AAv4o

packagist concrete5/concrete5
Moderate
about 3 years ago

Concrete CMS vulnerable to Uncontrolled Resource Consumption leading to DoS GSA_kwCzR0hTQS0zY3h4LTNmNTMtbTkyY84AAv4m

packagist concrete5/concrete5
Moderate
about 3 years ago

Concrete CMS vulnerable to Session Fixation GSA_kwCzR0hTQS1tNTN2LTV4NXgtNW0ycM4AAv4I

packagist concrete5/concrete5
Moderate
about 3 years ago

Concrete CMS vulnerable to Cross-site Scripting GSA_kwCzR0hTQS05amM1LTl3aDUtbWMzNs4AAv4G

packagist concrete5/concrete5
Moderate
about 3 years ago

Concrete CMS vulnerable to Cleartext Transmission of Sensitive Information GSA_kwCzR0hTQS1xM2hxLWhtNWgtcXJ4M84AAv4M

packagist concrete5/concrete5
Moderate
about 3 years ago

Concrete CMS vulnerable to Reflected Cross-Site Scripting via dashboard icons GSA_kwCzR0hTQS04NzgyLXhnaDUtcjdtds4AAv4i

packagist concrete5/concrete5
Moderate
about 3 years ago

Concrete CMS vulnerable to Cross-site Scripting via multilingual report GSA_kwCzR0hTQS12cTM5LXE1NDktZzc4Ns4AAv4Z

packagist concrete5/concrete5
Moderate
about 3 years ago

Concrete CMS vulnerable to XML External Entity GSA_kwCzR0hTQS1xNDhyLXhnOWgtNzhtOM4AAv4a

packagist concrete5/concrete5
Moderate
about 3 years ago

Concrete CMS vulnerable to Improper Authentication GSA_kwCzR0hTQS1xNTZyLW13MzktOTQ0Z84AAv4B

packagist concrete5/concrete5
High
about 3 years ago

Concrete CMS vulnerable to Cross-site Request Forgery GSA_kwCzR0hTQS13OGZwLTNnd3EtZ3hwd84AAv2t

packagist concrete5/concrete5
Moderate
over 3 years ago

Concrete CMS Cross-site Scripting via Survey Blocks GSA_kwCzR0hTQS03Mzg4LTd2cTItbTRmNM4AAn3p

packagist concrete5/concrete5
Low
over 3 years ago

concrete5 vulnerable to Cross-site Scripting GSA_kwCzR0hTQS1qeGhwLXJ3cXYtOWZqas4AActy

packagist concrete5/concrete5
Moderate
over 3 years ago

Concrete5 Vulnerable to Cross-Site Scripting (XSS) GSA_kwCzR0hTQS14NHg5LTRjNjUtNzN3OM4AAYKh

packagist concrete5/concrete5
Moderate
over 3 years ago

Concrete CMS vulnerable to cross-site scripting (XSS) GSA_kwCzR0hTQS0ybXZnLWM2bWctM3E2M83vUA

packagist concrete5/concrete5
High
almost 4 years ago

Cross Site Request Forgery in concrete5/concrete5 GSA_kwCzR0hTQS1ncjIzLWcyNzYteGM3M80q0w

packagist concrete5/concrete5
Moderate
almost 4 years ago

Unrestricted Uploads in Concrete5 MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc0Z20tcHhoMy0yOWZx

packagist concrete5/concrete5
High
about 4 years ago

Unrestricted Uploads in Concrete5 GSA_kwCzR0hTQS1oZjlwLTlyMzktcjJoM80Wzw

packagist concrete5/concrete5
High
about 4 years ago

Server-Side Request Forgery vulnerability in concrete5 GSA_kwCzR0hTQS0yODRmLWYyaHctajJneM0WYw

packagist concrete5/concrete5

Filter by Severity

Moderate 46 Low 16 High 4 Critical 1