Vulnerabilidades em octobercms
39 resultadosCVE-2021-32648HIGHAccount Takeover in OctobercmsEPSS 90.4%KEVCVE-2022-21705HIGHAuthenticated remote code execution in octobercmsEPSS 8.7%CVE-2020-5295MEDIUMLocal File read vulnerability in OctoberCMSEPSS 7.4%CVE-2021-32650HIGHArbitrary code execution in october/systemEPSS 2.1%CVE-2020-15246HIGHLocal File Inclusion by unauthenticated usersEPSS 1.7%CVE-2021-21265MEDIUMOctober CMS vulnerable to Potential Host Header Poisoning on misconfigured serversEPSS 1.5%CVE-2020-5296MEDIUMArbitrary File Deletion vulnerability in OctoberCMSEPSS 1.4%CVE-2021-32649HIGHAuthenticated file write leads to remote code execution in october/systemEPSS 1.3%CVE-2020-5297LOWUpload whitelisted files to any directory in OctoberCMSEPSS 1.2%CVE-2022-24800HIGHRace Condition in October CMS upload processEPSS 1.1%CVE-2021-41126HIGHDeleted Admin Can Sign In to Admin InterfaceEPSS 1.1%CVE-2020-5299MEDIUMPotential CSV Injection vector in OctoberCMSEPSS 1.0%CVE-2020-5298MEDIUMReflected XSS when importing CSV in OctoberCMSEPSS 0.9%CVE-2021-29487HIGHAuthentication bypass in OctobercmsEPSS 0.9%CVE-2023-44382CRITICALOctober CMS safe mode bypass using Twig sandbox escapeEPSS 0.9%CVE-2022-35944MEDIUMOctober CMS Safe Mode bypass leads to authenticated RCE (Remote Code Execution)EPSS 0.9%CVE-2020-15128MEDIUMReliance on Cookies without validation in OctoberCMSEPSS 0.7%CVE-2022-23655MEDIUMMissing server signature validation in OctoberCMSEPSS 0.6%CVE-2023-44381MEDIUMOctober CMS safe mode bypass using Page template injectionEPSS 0.5%CVE-2020-15249LOWStored XSS by authenticated backend user with access to upload filesEPSS 0.5%