CVE-2021-40098
https://notcve.org/view.php?id=CVE-2021-40098
An issue was discovered in Concrete CMS through 8.5.5. Path Traversal leading to RCE via external form by adding a regular expression. Se ha detectado un problema en Concrete CMS versiones hasta 8.5.5. Un Salto de Ruta conlleva a RCE por medio de una forma externa al añadir una expresión regular • https://documentation.concretecms.org/developers/introduction/version-history/856-release-notes https://hackerone.com/reports/1102080 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2021-40097
https://notcve.org/view.php?id=CVE-2021-40097
An issue was discovered in Concrete CMS through 8.5.5. Authenticated path traversal leads to to remote code execution via uploaded PHP code, related to the bFilename parameter. Se ha detectado un problema en Concrete CMS versiones hasta 8.5.5. Un salto de ruta autenticado conlleva a una ejecución de código remota por medio de código PHP cargado, relacionado con el parámetro bFilename • https://documentation.concretecms.org/developers/introduction/version-history/856-release-notes https://hackerone.com/reports/1102067 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2021-40099
https://notcve.org/view.php?id=CVE-2021-40099
An issue was discovered in Concrete CMS through 8.5.5. Fetching the update json scheme over HTTP leads to remote code execution. Un problema fue detectado en Concrete CMS versiones hasta 8.5.5. Una obtención del esquema de actualización json a través de HTTP conlleva a una ejecución de código remota. • https://documentation.concretecms.org/developers/introduction/version-history/856-release-notes https://hackerone.com/reports/982130 •
CVE-2021-40100
https://notcve.org/view.php?id=CVE-2021-40100
An issue was discovered in Concrete CMS through 8.5.5. Stored XSS can occur in Conversations when the Active Conversation Editor is set to Rich Text. Se ha detectado un problema en Concrete CMS versiones hasta 8.5.5. Un ataque de tipo XSS almacenado puede ocurrir en las Conversaciones cuando el Active Conversation Editor se establece en Texto Enriquecido. • https://documentation.concretecms.org/developers/introduction/version-history/856-release-notes https://hackerone.com/reports/616770 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-40102
https://notcve.org/view.php?id=CVE-2021-40102
An issue was discovered in Concrete CMS through 8.5.5. Arbitrary File deletion can occur via PHAR deserialization in is_dir (PHP Object Injection associated with the __wakeup magic method). Se ha detectado un problema en Concrete CMS versiones hasta 8.5.5. Puede producirse una eliminación arbitraria de archivos por medio de una deserialización de PHAR en la función is_dir (inyección de objetos PHP asociada al método mágico __wakeup). • https://documentation.concretecms.org/developers/introduction/version-history/856-release-notes https://hackerone.com/reports/921288 • CWE-502: Deserialization of Untrusted Data •