Known Vulnerabilities for Concrete5 by Concrete5

Listed below are 10 of the newest known vulnerabilities associated with the software "Concrete5" by "Concrete5".

These CVEs are retrieved based on exact matches on listed software and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2021-41465 Cross-site scripting (XSS) vulnerability in concrete/elements/collection_theme.php in concrete5-legacy 5.6.4.0 and below allo... Not Provided 2021-10-01 2021-10-01
CVE-2021-41464 Cross-site scripting (XSS) vulnerability in concrete/elements/collection_add.php in concrete5-legacy 5.6.4.0 and below allows... Not Provided 2021-10-01 2021-10-01
CVE-2021-41463 Cross-site scripting (XSS) vulnerability in toos/permissions/dialogs/access/entity/types/group_combination.php in concrete5-l... Not Provided 2021-10-01 2021-10-01
CVE-2021-41462 Cross-site scripting (XSS) vulnerability in concrete/elements/collection_add.php in concrete5-legacy 5.6.4.0 and below allows... Not Provided 2021-10-01 2021-10-01
CVE-2021-41461 Cross-site scripting (XSS) vulnerability in concrete/elements/collection_add.php in concrete5-legacy 5.6.4.0 and below allows... Not Provided 2021-10-01 2021-10-01
CVE-2021-36766 Concrete5 through 8.5.5 deserializes Untrusted Data. The vulnerable code is located within the controllers/single_page/dashbo... Not Provided 2021-07-30 2021-07-30
CVE-2021-22958 A Server-Side Request Forgery vulnerability was found in concrete5 < 8.5.5 that allowed a decimal notation encoded IP address... Not Provided 2021-10-07 2021-10-07
CVE-2021-3111 The Express Entries Dashboard in Concrete5 8.5.4 allows stored XSS via the name field of a new data object at an index.php/da... 4.8 - MEDIUM 2021-01-08 2021-07-22
CVE-2020-24986 Concrete5 up to and including 8.5.2 allows Unrestricted Upload of File with Dangerous Type such as a .php file via File Manag... 7.2 - HIGH 2020-09-04 2020-09-11
CVE-2020-14961 Concrete5 before 8.5.3 does not constrain the sort direction to a valid asc or desc value. 5.3 - MEDIUM 2020-06-22 2020-06-30

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationConcrete5Concrete58.5.4AllAllAll
ApplicationConcrete5Concrete58.5.3AllAllAll
ApplicationConcrete5Concrete58.5.2AllAllAll
ApplicationConcrete5Concrete58.5.1AllAllAll
ApplicationConcrete5Concrete58.5.0AllAllAll
ApplicationConcrete5Concrete58.4.5AllAllAll
ApplicationConcrete5Concrete58.4.4AllAllAll
ApplicationConcrete5Concrete58.4.3AllAllAll
ApplicationConcrete5Concrete58.4.2AllAllAll
ApplicationConcrete5Concrete58.4.1AllAllAll
ApplicationConcrete5Concrete58.4.0AllAllAll
ApplicationConcrete5Concrete58.3.2AllAllAll
ApplicationConcrete5Concrete58.3.1AllAllAll
ApplicationConcrete5Concrete58.3.0AllAllAll
ApplicationConcrete5Concrete58.2.1AllAllAll
ApplicationConcrete5Concrete58.2.0AllAllAll
ApplicationConcrete5Concrete58.1.0AllAllAll
ApplicationConcrete5Concrete58.0.2AllAllAll
ApplicationConcrete5Concrete58.0.1AllAllAll
ApplicationConcrete5Concrete58.0AllAllAll

Popular searches for Concrete5

concrete5 is a free CMS Open Source Content Management System

www.concrete5.org

A =concrete5 is a free CMS Open Source Content Management System Concrete CMS is an open source content management system. A point and click, free CMS that creates websites.

www.sjca.edu www.concrete5.org/r/-/36216 www.concrete5.org/r/-/82852 www.sjca.edu/main.html www.concrete5.org/r/-/67148 www.sjca.edu/asp/home.aspx www.concrete5.org/offers/-/fjdgzxec7xyt www.concrete5.org/r/-/27444 Content management system Concrete5 Free software Website Open source Point and click DevOps Open content Application software HTML5 video Blog Download Open-source software User experience Usability Software deployment Online shopping Marketspace Solution Theme (computing)

concrete5/concrete5

github.com/concrete5/concrete5

oncrete5/concrete5 Official repository for concrete5 development. Contribute to concrete5 GitHub.

github.com/concrete5/concrete5-5.7.0 Concrete5 GitHub Repository (version control) Software repository Software development Adobe Contribute Documentation Installation (computer programs) Command-line interface Software documentation Xcode Microsoft Visual Studio Tag (metadata) Git Package manager Legacy system Login Download Commit (data management) YAML

© CVE.report 2021 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report