CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2020-11476
https://notcve.org/view.php?id=CVE-2020-11476
Concrete5 before 8.5.3 allows Unrestricted Upload of File with Dangerous Type such as a .phar file. Concrete5 versiones anteriores a 8.5.3, permite una Carga Sin Restricciones de Archivos con Tipos Peligrosos, como un archivo .phar • https://github.com/concrete5/concrete5/pull/8713 https://github.com/concrete5/concrete5/releases/tag/8.5.3 https://herolab.usd.de/security-advisories https://herolab.usd.de/security-advisories/usd-2020-0041 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14961
https://notcve.org/view.php?id=CVE-2020-14961
Concrete5 before 8.5.3 does not constrain the sort direction to a valid asc or desc value. Concrete5 versiones anteriores a 8.5.3, no restringe la dirección de clasificación a un valor asc o desc válido • https://github.com/concrete5/concrete5/pull/8651 https://github.com/concrete5/concrete5/releases/tag/8.5.3 •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 2CVE-2017-18195 – Concrete5 CMS < 8.3.0 - Username / Comments Enumeration
https://notcve.org/view.php?id=CVE-2017-18195
An issue was discovered in tools/conversations/view_ajax.php in Concrete5 before 8.3.0. An unauthenticated user can enumerate comments from all blog posts by POSTing requests to /index.php/tools/required/conversations/view_ajax with incremental 'cnvID' integers. Se ha descubierto un problema en tools/conversations/view_ajax.php en Concrete5, en versiones anteriores a la 8.3.0. Un usuario no autenticado puede enumerar comentarios de todos los posts de blog realizando peticiones POST a /index.php/tools/required/conversations/view_ajax con enteros "cnvID" incrementales. Concrete5 versions prior to 8.3.0 suffers from enumeration vulnerabilities. • https://www.exploit-db.com/exploits/44194 https://github.com/concrete5/concrete5/pull/6008/files https://github.com/concrete5/concrete5/releases/tag/8.3.0 https://github.com/r3naissance/NSE/blob/master/http-vuln-cve2017-18195.nse •
CVSS: 5.0EPSS: 0%CPEs: 15EXPL: 0CVE-2014-5107
https://notcve.org/view.php?id=CVE-2014-5107
concrete5 before 5.6.3 allows remote attackers to obtain the installation path via a direct request to (1) system/basics/editor.php, (2) system/view.php, (3) system/environment/file_storage_locations.php, (4) system/mail/importers.php, (5) system/mail/method.php, (6) system/permissions/file_types.php, (7) system/permissions/files.php, (8) system/permissions/tasks.php, (9) system/permissions/users.php, (10) system/seo/view.php, (11) view.php, (12) users/attributes.php, (13) scrapbook/view.php, (14) pages/attributes.php, (15) files/attributes.php, or (16) files/search.php in single_pages/dashboard/. concrete5 anterior a 5.6.3 permite a atacantes remotos obtener la ruta de instalación a través de una solicitud directa en (1) system/basics/editor.php, (2) system/view.php, (3) system/environment/file_storage_locations.php, (4) system/mail/importers.php, (5) system/mail/method.php, (6) system/permissions/file_types.php, (7) system/permissions/files.php, (8) system/permissions/tasks.php, (9) system/permissions/users.php, (10) system/seo/view.php, (11) view.php, (12) users/attributes.php, (13) scrapbook/view.php, (14) pages/attributes.php, (15) files/attributes.php o (16) files/search.php en single_pages/dashboard/. • http://osvdb.org/show/osvdb/109269 http://packetstormsecurity.com/files/127493/Concrete-5.6.2.1-REFERER-Cross-Site-Scripting.html http://www.securityfocus.com/bid/68685 https://www.concrete5.org/documentation/background/version_history/5-6-3-release-notes • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 15EXPL: 0CVE-2014-5108
https://notcve.org/view.php?id=CVE-2014-5108
Cross-site scripting (XSS) vulnerability in single_pages\download_file.php in concrete5 before 5.6.3 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header to index.php/download_file. Vulnerabilidad de XSS en single_pages\download_file.php en concrete5 anterior a 5.6.3 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de la cabecera HTTP Referer en index.php/download_file. • http://osvdb.org/show/osvdb/109273 http://packetstormsecurity.com/files/127493/Concrete-5.6.2.1-REFERER-Cross-Site-Scripting.html http://www.securityfocus.com/bid/68685 https://www.concrete5.org/documentation/background/version_history/5-6-3-release-notes • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •