Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

packagist

contao/core-bundle

packagist

Contao Open Source CMS

View on github.com · View on packagist.org

Security Advisories for contao/core-bundle in packagist

Moderate
2 months ago

Contao does not properly manage privileges for page and article fields GSA_kwCzR0hTQS1xcWZxLTdjcHAtaGNxas4ABLfv

packagist contao/contao, contao/core-bundle
Moderate
2 months ago

Contao can disclose sensitive information in the news module GSA_kwCzR0hTQS13NTNtLWd4dmctdng3cM4ABLfu

packagist contao/contao, contao/core-bundle
Moderate
2 months ago

Contao discloses sensitive information in the front end search index GSA_kwCzR0hTQS0yeG1qLTh3bXEtNzQ3Nc4ABLft

packagist contao/contao, contao/core-bundle
Moderate
2 months ago

Contao applies improper access control in the back end voters GSA_kwCzR0hTQS03bTQ3LXI3NXItY3g4ds4ABLfs

packagist contao/contao, contao/core-bundle
Moderate
8 months ago

Contao Vulnerable to Cross-Site Scripting (XSS) through SVG uploads GSA_kwCzR0hTQS12cXFyLWZnbWgtZjYyNs4ABFns

packagist contao/core-bundle
Moderate
about 1 year ago

Contao affected by insert tag injection via canonical URL GSA_kwCzR0hTQS0yeHBxLXhwNmMtNW1nas4AA_md

packagist contao/core-bundle
Moderate
about 1 year ago

Contao affected by directory traversal in the file selector widget GSA_kwCzR0hTQS00cDc1LTVwNTMtNjVtOc4AA_mc

packagist contao/core-bundle
High
about 1 year ago

Contao affected by remote command execution through file upload GSA_kwCzR0hTQS12bTZyLWo3ODgtaGpoNc4AA_mb

packagist contao/core-bundle
Low
over 1 year ago

Contao: Unencoded insert tags in the frontend GSA_kwCzR0hTQS03NDd2LTUyYzQtOHZqOM4AA6y7

packagist contao/core-bundle
Moderate
over 1 year ago

Contao: Cross site scripting in the file manager GSA_kwCzR0hTQS12MjRwLTdwNGotcXZ2Zs4AA6y5

packagist contao/core-bundle
Moderate
over 1 year ago

Contao: Remember-me tokens will not be cleared after a password change GSA_kwCzR0hTQS1yNHI2LWoyajMtN3BwNc4AA6wW

packagist contao/core-bundle
High
over 1 year ago

Contao: Possible cookie sharing with external domains while checking protected pages for broken links GSA_kwCzR0hTQS05amg1LXFmODQteDZwcs4AA6wU

packagist contao/core-bundle
Moderate
over 2 years ago

Cross site scripting via input unit widget GSA_kwCzR0hTQS00Z3ByLXA2MzQtOTIyeM4AA04d

packagist contao/core-bundle
Critical
over 3 years ago

Contao SQL injection in the file manager GSA_kwCzR0hTQS12cTU5LXg2bXEtNHdnd84AAhOk

packagist contao/core-bundle, contao/contao
Critical
over 3 years ago

Contao SQL injection in the backend and listing module GSA_kwCzR0hTQS13MzhnLWhqNDUtbWpqcM4AAgjW

packagist contao/listing-bundle, contao/core-bundle, contao/contao
High
over 3 years ago

Cross site scripting via canonical tag in Contao GSA_kwCzR0hTQS1tOHg2LTZyNjMtcXZqMs4AAgbl

packagist contao/contao, contao/core-bundle
High
over 3 years ago

Contao CSRF Token Bypass GSA_kwCzR0hTQS1od21oLTlqajktOGM5Y84AATmP

packagist contao/core-bundle, contao/contao
Critical
over 3 years ago

Contao Does Not Invalidate Existing Sessions When Password Changes GSA_kwCzR0hTQS12Y2dnLWhwNHItODdneM4AATl9

packagist contao/core, contao/core-bundle, contao/contao
High
over 3 years ago

Contao Core directory traversal vulnerability GSA_kwCzR0hTQS14NWc0LWNyeHEtcXhqeM4AAR8N

packagist contao/core, contao/core-bundle, contao/contao
Critical
over 3 years ago

Contao Does Not Expire Tokens Correctly GSA_kwCzR0hTQS1qOTlnLXFqdngtOTk1Z83uwg

packagist contao/core-bundle, contao/contao
Moderate
over 3 years ago

Cross-site Scripting in Contao MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBqNGotMjg3ai1mNzQy

packagist contao/core-bundle, contao/core, contao/contao
Moderate
about 4 years ago

Cross site scripting via HTML attributes in the back end MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhyM2gteDZncS1ycWNw

packagist contao/core-bundle, contao/contao
High
about 4 years ago

Privilege escalation via form generator MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhxNW0tbXFteC1mdzZt

packagist contao/contao, contao/core-bundle
Moderate
about 4 years ago

PHP file inclusion via insert tags MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI2bXYtcHBqYy00aGdy

packagist contao/contao, contao/core-bundle
Moderate
over 4 years ago

Cross site scripting in the system log MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg1OHYtYzZyZi1nOWY3

packagist contao/contao, contao/core-bundle
Moderate
about 5 years ago

Contao Insert tag injection in forms MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY3d20teDRndy02bTIz

packagist contao/core-bundle
Moderate
almost 6 years ago

Insert tag injection in the Contao login module MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpjNDMtcXJycC05OGY1

packagist contao/core-bundle
Moderate
almost 6 years ago

Information disclosure in the Contao backend MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRtdmMtcWM1dy12NXFy

packagist contao/core-bundle
High
almost 6 years ago

Unrestricted file uploads in Contao MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdqeDgtY2dybS1oaDhw

packagist contao/contao, contao/core-bundle

Filter by Severity

Moderate 17 High 7 Critical 4 Low 1