CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-19146
https://notcve.org/view.php?id=CVE-2018-19146
Concrete5 8.4.3 has XSS because config/concrete.php allows uploads (by administrators) of SVG files that may contain HTML data with a SCRIPT element. Concrete5 versión 8.4.3, presenta una vulnerabilidad de tipo XSS porque el archivo config/concrete.php permite la carga (por administradores) de archivos SVG que pueden contener datos HTML con un elemento SCRIPT. • https://hackerone.com/concrete5?view_policy=true https://hackerone.com/reports/437863 https://www.concrete5.org https://www.w3.org/TR/SVG2/intro.html#W3CCompatibility • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2018-13790
https://notcve.org/view.php?id=CVE-2018-13790
A Server Side Request Forgery (SSRF) vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on the local network and mapping of the internal network, because of URL functionality on the File Manager page. Una vulnerabilidad de Server-Side Request Forgery (SSRF) en tools/files/importers/remote.php en concrete5 8.2.0 puede dar lugar a ataques en la red local, así como al mapeo de redes internas debido a la funcionalidad URL en la página File Manager. • https://hackerone.com/reports/243865 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 2CVE-2017-18195 – Concrete5 CMS < 8.3.0 - Username / Comments Enumeration
https://notcve.org/view.php?id=CVE-2017-18195
An issue was discovered in tools/conversations/view_ajax.php in Concrete5 before 8.3.0. An unauthenticated user can enumerate comments from all blog posts by POSTing requests to /index.php/tools/required/conversations/view_ajax with incremental 'cnvID' integers. Se ha descubierto un problema en tools/conversations/view_ajax.php en Concrete5, en versiones anteriores a la 8.3.0. Un usuario no autenticado puede enumerar comentarios de todos los posts de blog realizando peticiones POST a /index.php/tools/required/conversations/view_ajax con enteros "cnvID" incrementales. Concrete5 versions prior to 8.3.0 suffers from enumeration vulnerabilities. • https://www.exploit-db.com/exploits/44194 https://github.com/concrete5/concrete5/pull/6008/files https://github.com/concrete5/concrete5/releases/tag/8.3.0 https://github.com/r3naissance/NSE/blob/master/http-vuln-cve2017-18195.nse •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-4724
https://notcve.org/view.php?id=CVE-2015-4724
SQL injection vulnerability in Concrete5 5.7.3.1. Existe una vulnerabilidad de inyección SQL en Concrete5 5.7.3.1. • http://hackerone.com/reports/59664 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-4721
https://notcve.org/view.php?id=CVE-2015-4721
Multiple cross-site scripting (XSS) vulnerabilities in Concrete5 5.7.3.1. Existen múltiples vulnerabilidades de tipo Cross-Site Scripting (XSS) en Concrete5 5.7.3.1. • http://hackerone.com/reports/59661 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •