CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12309
https://notcve.org/view.php?id=CVE-2019-12309
dotCMS before 5.1.0 has a path traversal vulnerability exploitable by an administrator to create files. The vulnerability is caused by the insecure extraction of a ZIP archive. dotCMS anterior a la versión 5.1.0, tiene una vulnerabilidad de control incorrecto a rutas de directorios restringidos (path traversal) explotable por un administrador para crear archivos. La vulnerabilidad es causa la extracción insegura de un archivo ZIP. • https://dotcms.com/security/SI-48 https://github.com/dotCMS/core/compare/605e5db...364c910 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-17422
https://notcve.org/view.php?id=CVE-2018-17422
dotCMS before 5.0.2 has open redirects via the html/common/forward_js.jsp FORWARD_URL parameter or the html/portlet/ext/common/page_preview_popup.jsp hostname parameter. dotCMS, en versiones anteriores a la 5.0.2, tiene redireccionamientos abiertos mediante los parámetros FORWARD_URL en html/common/forward_js.jsp o hostname en html/portlet/ext/common/page_preview_popup.jsp. • https://github.com/dotCMS/core/issues/15286 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2018-19554
https://notcve.org/view.php?id=CVE-2018-19554
An issue was discovered in Dotcms through 5.0.3. Attackers may perform XSS attacks via the inode, identifier, or fieldName parameter in html/js/dotcms/dijit/image/image_tool.jsp. Se ha descubierto un problema en Dotcms hasta su versión 5.0.3. Los atacantes podrían realizar ataques de Cross-Site Scripting (XSS) mediante los parámetros inode, identifier o fieldName en html/js/dotcms/dijit/image/image_tool.jsp. • https://medium.com/%40buxuqua/dotcms-xss-65cdc4174815 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 1CVE-2016-10007 – dotCMS SQL Injection
https://notcve.org/view.php?id=CVE-2016-10007
SQL injection vulnerability in the "Marketing > Forms" screen in dotCMS before 3.7.2 and 4.x before 4.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the _EXT_FORM_HANDLER_orderBy parameter. Vulnerabilidad de inyección SQL en la pantalla "Marketing > Forms" en dotCMS en versiones anteriores a la 3.7.2 y 4.x anteriores a la 4.1.1 permite que los administradores autenticados remotos ejecuten comandos SQL arbitrarios mediante el parámetro _EXT_FORM_HANDLER_orderBy. dotCMS versions prior to 4.1.1 suffer from remote SQL injection vulnerabilities. • https://security.elarlang.eu/cve-2016-10007-and-cve-2016-10008-2-sql-injection-vulnerabilities-in-dotcms-blacklist-defence-bypass.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 1CVE-2016-10008 – dotCMS SQL Injection
https://notcve.org/view.php?id=CVE-2016-10008
SQL injection vulnerability in the "Content Types > Content Types" screen in dotCMS before 3.7.2 and 4.x before 4.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the _EXT_STRUCTURE_direction parameter. Vulnerabilidad de inyección SQL en la pantalla "Content Types > Content Types" en dotCMS en versiones anteriores a la 3.7.2 y 4.x anteriores a la 4.1.1 permite que los administradores autenticados remotos ejecuten comandos SQL arbitrarios mediante el parámetro _EXT_STRUCTURE_direction. dotCMS versions prior to 4.1.1 suffer from remote SQL injection vulnerabilities. • https://security.elarlang.eu/cve-2016-10007-and-cve-2016-10008-2-sql-injection-vulnerabilities-in-dotcms-blacklist-defence-bypass.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •