Vulnerabilities (CVE)

Filtered by vendor Concretecms Subscribe
Total 85 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-1247 1 Concretecms 1 Concrete Cms 2024-11-21 N/A 2.0 LOW
Concrete CMS version 9 before 9.2.5 is vulnerable to  stored XSS via the Role Name field since there is insufficient validation of administrator provided data for that field. A rogue administrator could inject malicious code into the Role Name field which might be executed when users visit the affected page. The Concrete CMS Security team scored this 2 with CVSS v3 vector AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator . Concrete versions below 9 do not include group types so they are not affected by this vulnerability.
CVE-2024-1246 1 Concretecms 1 Concrete Cms 2024-11-21 N/A 2.0 LOW
Concrete CMS in version 9 before 9.2.5 is vulnerable to reflected XSS via the Image URL Import Feature due to insufficient validation of administrator provided data. A rogue administrator could inject malicious code when importing images, leading to the execution of the malicious code on the website user’s browser. The Concrete CMS Security team scored this 2 with CVSS v3 vector AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N. This does not affect Concrete versions prior to version 9.
CVE-2024-1245 1 Concretecms 1 Concrete Cms 2024-11-21 N/A 2.4 LOW
Concrete CMS version 9 before 9.2.5 is vulnerable to stored XSS in file tags and description attributes since administrator entered file attributes are not sufficiently sanitized in the Edit Attributes page. A rogue administrator could put malicious code into the file tags or description attributes and, when another administrator opens the same file for editing, the malicious code could execute. The Concrete CMS Security team scored this 2.4 with CVSS v3 vector AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N.
CVE-2023-48652 1 Concretecms 1 Concrete Cms 2024-11-21 N/A 4.3 MEDIUM
Concrete CMS 9 before 9.2.3 is vulnerable to Cross Site Request Forgery (CSRF) via /ccm/system/dialogs/logs/delete_all/submit. An attacker can force an admin user to delete server report logs on a web application to which they are currently authenticated.
CVE-2023-48649 1 Concretecms 1 Concrete Cms 2024-11-21 N/A 3.5 LOW
Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows stored XSS on the Admin page via an uploaded file name.
CVE-2023-48648 1 Concretecms 1 Concrete Cms 2024-11-21 N/A 9.8 CRITICAL
Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows unauthorized access because directories can be created with insecure permissions. File creation functions (such as the Mkdir() function) gives universal access (0777) to created folders by default. Excessive permissions can be granted when creating a directory with permissions greater than 0755 or when the permissions argument is not specified.
CVE-2023-44766 1 Concretecms 1 Concrete Cms 2024-11-21 N/A 4.8 MEDIUM
A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SEO - Extra from Page Settings. NOTE: the vendor disputes this because this SEO-related header change can only be made by an admin, and allowing an admin to place JavaScript there is an intentional customization feature.
CVE-2023-44765 1 Concretecms 1 Concrete Cms 2024-11-21 N/A 5.4 MEDIUM
A Cross Site Scripting (XSS) vulnerability in Concrete CMS versions 8.5.12 and below, and 9.0 through 9.2.1 allows an attacker to execute arbitrary code via a crafted script to Plural Handle of the Data Objects from System & Settings.
CVE-2023-44764 1 Concretecms 1 Concrete Cms 2024-11-21 N/A 5.4 MEDIUM
A Cross Site Scripting (XSS) vulnerability in Concrete CMS before 9.2.3 exists via the Name parameter during installation (aka Site of Installation or Settings).
CVE-2023-44763 1 Concretecms 1 Concrete Cms 2024-11-21 N/A 5.4 MEDIUM
Concrete CMS v9.2.1 is affected by an Arbitrary File Upload vulnerability via a Thumbnail file upload, which allows Cross-Site Scripting (XSS). NOTE: the vendor's position is that a customer is supposed to know that "pdf" should be excluded from the allowed file types, even though pdf is one of the allowed file types in the default configuration.
CVE-2023-44762 1 Concretecms 1 Concrete Cms 2024-11-21 N/A 5.4 MEDIUM
A Cross Site Scripting (XSS) vulnerability in Concrete CMS from versions 9.2.0 to 9.2.2 allows an attacker to execute arbitrary code via a crafted script to the Tags from Settings - Tags.
CVE-2023-44761 1 Concretecms 1 Concrete Cms 2024-11-21 N/A 5.4 MEDIUM
Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS versions affected to 8.5.13 and below, and 9.0.0 through 9.2.1 allow a local attacker to execute arbitrary code via a crafted script to the Forms of the Data objects.
CVE-2023-44760 1 Concretecms 1 Concrete Cms 2024-11-21 N/A 4.8 MEDIUM
Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1 allow an attacker to execute arbitrary code via a crafted script to the Header and Footer Tracking Codes of the SEO & Statistics. NOTE: the vendor disputes this because these header/footer changes can only be made by an admin, and allowing an admin to place JavaScript there is an intentional customization feature. Also, the exploitation method claimed by "sromanhu" does not provide any access to a Concrete CMS session, because the Concrete CMS session cookie is configured as HttpOnly.
CVE-2023-28821 1 Concretecms 1 Concrete Cms 2024-11-21 N/A 5.3 MEDIUM
Concrete CMS (previously concrete5) before 9.1 did not have a rate limit for password resets.
CVE-2023-28820 1 Concretecms 1 Concrete Cms 2024-11-21 N/A 2.0 LOW
Concrete CMS (previously concrete5) before 9.1 is vulnerable to stored XSS in RSS Displayer via the href attribute because the link element input was not sanitized.
CVE-2023-28819 1 Concretecms 1 Concrete Cms 2024-11-21 N/A 3.5 LOW
Concrete CMS (previously concrete5) versions 8.5.12 and below, 9.0.0 through 9.0.2 is vulnerable to Stored XSS in uploaded file and folder names.
CVE-2023-28477 1 Concretecms 1 Concrete Cms 2024-11-21 N/A 5.5 MEDIUM
Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0 through 9.1.3 is vulnerable to stored XSS on API Integrations via the name parameter.
CVE-2023-28476 1 Concretecms 1 Concrete Cms 2024-11-21 N/A 5.4 MEDIUM
Concrete CMS (previously concrete5) before 9.2 is vulnerable to Stored XSS on Tags on uploaded files.
CVE-2023-28475 1 Concretecms 1 Concrete Cms 2024-11-21 N/A 6.1 MEDIUM
Concrete CMS (previously concrete5) versions 8.5.12 and below, and versions 9.0 through 9.1.3 is vulnerable to Reflected XSS on the Reply form because msgID was not sanitized.
CVE-2023-28474 1 Concretecms 1 Concrete Cms 2024-11-21 N/A 5.4 MEDIUM
Concrete CMS (previously concrete5) before 9.2 is vulnerable to Stored XSS on Saved Presets on search.