CVE-2019-9553 – Bolt CMS 3.6.4 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2019-9553
Bolt 3.6.4 has XSS via the slug, teaser, or title parameter to editcontent/pages, a related issue to CVE-2017-11128 and CVE-2018-19933. Bolt versión 3.6.4, tiene una vulnerabilidad de tipo XSS por medio del parámetro slug, teaser o title en el archivo editcontent/pages, un problema relacionado con CVE-2017-11128 y CVE-2018-19933. Bold CMS version 3.6.4 suffers from a cross site scripting vulnerability. • https://www.exploit-db.com/exploits/46495 https://packetstormsecurity.com/files/151943/Bold-CMS-3.6.4-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-16754
https://notcve.org/view.php?id=CVE-2017-16754
Bolt before 3.3.6 does not properly restrict access to _profiler routes, related to EventListener/ProfilerListener.php and Provider/EventListenerServiceProvider.php. Bolt en versiones anteriores a la 3.3.6 no restringe correctamente el acceso a rutas _profiler. Esto está relacionado con EventListener/ProfilerListener.php y Provider/EventListenerServiceProvider.php. • http://www.securityfocus.com/bid/101777 https://github.com/bolt/bolt/commit/aa21787241945457a2e4abc8b079672935fe0840 https://github.com/bolt/bolt/releases/tag/v3.3.6 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2015-7309 – CMS Bolt - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2015-7309
The theme editor in Bolt before 2.2.5 does not check the file extension when renaming files, which allows remote authenticated users to execute arbitrary code by renaming a crafted file and then directly accessing it. Vulnerabilidad en el editor de temas en Bolt en versiones anteriores a 2.2.5, no comprueba la extensión de archivo al renombrar archivos, lo que permite a usuarios remotos autenticados ejecutar código arbitrario mediante el renombrado de un archivo manipulado y accediendo entonces a este directamente. • https://www.exploit-db.com/exploits/38196 http://blog.curesec.com/article/blog/Bolt-224-Code-Execution-44.html http://packetstormsecurity.com/files/133539/CMS-Bolt-2.2.4-File-Upload.html http://seclists.org/fulldisclosure/2015/Aug/66 http://www.rapid7.com/db/modules/exploit/multi/http/bolt_file_upload https://bolt.cm/newsitem/bolt-2-2-5-released • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •