CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45604 – Directory traversal in the file selector widget in contao/core-bundle
https://notcve.org/view.php?id=CVE-2024-45604
17 Sep 2024 — Contao is an Open Source CMS. In affected versions authenticated users in the back end can list files outside the document root in the file selector widget. Users are advised to update to Contao 4.13.49. There are no known workarounds for this vulnerability. • https://contao.org/en/security-advisories/directory-traversal-in-the-fileselector-widget • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30262 – Contao's remember-me tokens will not be cleared after a password change
https://notcve.org/view.php?id=CVE-2024-30262
09 Apr 2024 — Contao is an open source content management system. Prior to version 4.13.40, when a frontend member changes their password in the personal data or the password lost module, the corresponding remember-me tokens are not removed. If someone compromises an account and is able to get a remember-me token, changing the password would not be enough to reclaim control over the account. Version 4.13.40 contains a fix for the issue. As a workaround, disable "Allow auto login" in the login module. • https://github.com/contao/contao/commit/3032baa456f607169ffae82a8920354adb338fe9 • CWE-384: Session Fixation CWE-613: Insufficient Session Expiration •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-28234 – Contao has insufficient BBCode sanitizer
https://notcve.org/view.php?id=CVE-2024-28234
09 Apr 2024 — Contao is an open source content management system. Starting in version 2.0.0 and prior to versions 4.13.40 and 5.3.4, it is possible to inject CSS styles via BBCode in comments. Installations are only affected if BBCode is enabled. Contao versions 4.13.40 and 5.3.4 have a patch for this issue. As a workaround, disable BBCode for comments. • https://contao.org/en/security-advisories/insufficient-bbcode-sanitization • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2018-5478
https://notcve.org/view.php?id=CVE-2018-5478
21 Sep 2023 — Contao 3.x before 3.5.32 allows XSS via the unsubscribe module in the frontend newsletter extension. Contao 3.x anterior a 3.5.32 permite XSS a través del módulo de cancelación de suscripción en la extensión del boletín frontal. • https://github.com/FriendsOfPHP/security-advisories/blob/master/contao/core/CVE-2018-5478.yaml • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-29200 – contao/core-bundle has path traversal vulnerability in the file manager
https://notcve.org/view.php?id=CVE-2023-29200
25 Apr 2023 — Contao is an open source content management system. Prior to versions 4.9.40, 4.13.21, and 5.1.4, logged in users can list arbitrary system files in the file manager by manipulating the Ajax request. However, it is not possible to read the contents of these files. Users should update to Contao 4.9.40, 4.13.21 or 5.1.4 to receive a patch. There are no known workarounds. • https://contao.org/en/security-advisories/directory-traversal-in-the-file-manager • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2018-10125
https://notcve.org/view.php?id=CVE-2018-10125
16 Mar 2020 — Contao before 4.5.7 has XSS in the system log. Contao versiones anteriores a 4.5.7, presenta una vulnerabilidad de tipo XSS en el registro del sistema. • https://contao.org/en/security-advisories/cross-site-scripting-in-the-system-log.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •