Known Vulnerabilities for products from Alkacon
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Alkacon".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-42346 json | Not Provided | 2026-05-08 | 2026-05-11 | |
| CVE-2023-42345 json | Not Provided | 2026-05-08 | 2026-05-08 | |
| CVE-2023-42344 json | Not Provided | 2026-05-08 | 2026-05-08 | |
| CVE-2023-42343 json | Not Provided | 2026-05-08 | 2026-05-08 | |
| CVE-2023-37602 json | An arbitrary file upload vulnerability in the component /workplace#!explorer of Alkacon OpenCMS v15.0 allows attackers to exe... | 6.1 - MEDIUM | 2023-07-20 | 2023-07-31 |
| CVE-2023-31544 json | A stored cross-site scripting (XSS) vulnerability in alkacon-OpenCMS v11.0.0.0 allows attackers to execute arbitrary web scri... | 5.4 - MEDIUM | 2023-05-16 | 2023-05-24 |
| CVE-2021-25968 json | In “OpenCMS”, versions 10.5.0 to 11.0.2 are affected by a stored XSS vulnerability that allows low privileged application... | 5.4 - MEDIUM | 2021-10-19 | 2021-10-21 |
| CVE-2021-3312 json | An XML external entity (XXE) vulnerability in Alkacon OpenCms 11.0, 11.0.1 and 11.0.2 allows remote authenticated users with ... | 6.5 - MEDIUM | 2021-10-08 | 2021-10-15 |
| CVE-2019-13237 json | In Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple resources vulnerable to Local File Inclusion that allow an attacker ... | 4.3 - MEDIUM | 2019-08-27 | 2022-04-18 |
| CVE-2019-13236 json | In system/workplace/ in Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple Reflected and Stored XSS issues in the manageme... | 6.1 - MEDIUM | 2019-08-27 | 2019-09-02 |
| CVE-2019-13235 json | In the Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, there is XSS in the Login form. | 6.1 - MEDIUM | 2019-08-27 | 2019-09-02 |
| CVE-2019-13234 json | In the Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, there is XSS in the search engine. | 6.1 - MEDIUM | 2019-08-27 | 2019-09-02 |
| CVE-2019-11819 json | Alkacon OpenCMS v10.5.4 and before is affected by CSV (aka Excel Macro) Injection in the module New User (/opencms/system/wor... | 7.8 - HIGH | 2019-05-08 | 2020-08-24 |
| CVE-2019-11818 json | Alkacon OpenCMS v10.5.4 and before is affected by stored cross site scripting (XSS) in the module New User (/opencms/system/w... | 6.1 - MEDIUM | 2019-05-08 | 2019-05-08 |
| CVE-2018-8815 json | Cross-site scripting (XSS) vulnerability in the gallery function in Alkacon OpenCMS 10.5.3 allows remote attackers to inject ... | 4.6 - MEDIUM | 2018-03-20 | 2018-04-13 |
| CVE-2018-8811 json | ** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in system/workplace/admin/accounts/user_role.jsp in OpenCMS 10... | 8.8 - HIGH | 2018-03-20 | 2023-11-07 |
| CVE-2015-2351 json | Multiple cross-site scripting (XSS) vulnerabilities in Alkacon OpenCms 9.5.1 and earlier allow remote attackers to inject arb... | Not Provided | 2015-03-19 | 2026-05-06 |
| CVE-2013-4600 json | Multiple cross-site scripting (XSS) vulnerabilities in Alkacon OpenCms before 8.5.2 allow remote attackers to inject arbitrar... | Not Provided | 2013-08-09 | 2026-04-29 |
| CVE-2009-4505 json | Multiple cross-site scripting (XSS) vulnerabilities in OpenCMS OAMP Comments Module 1.0.1 allow remote attackers to inject ar... | Not Provided | 2010-03-26 | 2026-04-29 |
| CVE-2008-1753 json | Cross-site scripting (XSS) vulnerability in system/workplace/admin/workplace/sessions.jsp in Alkacon OpenCMS 7.0.3 allows rem... | Not Provided | 2008-04-11 | 2026-04-23 |
Known software with vulnerabilities from Alkacon
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Alkacon | Opencms | 10 |
| Application | Alkacon | Opencms Apollo Template | 10.5.0 |