CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45604 – Directory traversal in the file selector widget in contao/core-bundle
https://notcve.org/view.php?id=CVE-2024-45604
17 Sep 2024 — Contao is an Open Source CMS. In affected versions authenticated users in the back end can list files outside the document root in the file selector widget. Users are advised to update to Contao 4.13.49. There are no known workarounds for this vulnerability. • https://contao.org/en/security-advisories/directory-traversal-in-the-fileselector-widget • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30262 – Contao's remember-me tokens will not be cleared after a password change
https://notcve.org/view.php?id=CVE-2024-30262
09 Apr 2024 — Contao is an open source content management system. Prior to version 4.13.40, when a frontend member changes their password in the personal data or the password lost module, the corresponding remember-me tokens are not removed. If someone compromises an account and is able to get a remember-me token, changing the password would not be enough to reclaim control over the account. Version 4.13.40 contains a fix for the issue. As a workaround, disable "Allow auto login" in the login module. • https://github.com/contao/contao/commit/3032baa456f607169ffae82a8920354adb338fe9 • CWE-384: Session Fixation CWE-613: Insufficient Session Expiration •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-28234 – Contao has insufficient BBCode sanitizer
https://notcve.org/view.php?id=CVE-2024-28234
09 Apr 2024 — Contao is an open source content management system. Starting in version 2.0.0 and prior to versions 4.13.40 and 5.3.4, it is possible to inject CSS styles via BBCode in comments. Installations are only affected if BBCode is enabled. Contao versions 4.13.40 and 5.3.4 have a patch for this issue. As a workaround, disable BBCode for comments. • https://contao.org/en/security-advisories/insufficient-bbcode-sanitization • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-29200 – contao/core-bundle has path traversal vulnerability in the file manager
https://notcve.org/view.php?id=CVE-2023-29200
25 Apr 2023 — Contao is an open source content management system. Prior to versions 4.9.40, 4.13.21, and 5.1.4, logged in users can list arbitrary system files in the file manager by manipulating the Ajax request. However, it is not possible to read the contents of these files. Users should update to Contao 4.9.40, 4.13.21 or 5.1.4 to receive a patch. There are no known workarounds. • https://contao.org/en/security-advisories/directory-traversal-in-the-file-manager • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 3CVE-2022-26265
https://notcve.org/view.php?id=CVE-2022-26265
18 Mar 2022 — Contao Managed Edition v1.5.0 was discovered to contain a remote command execution (RCE) vulnerability via the component php_cli parameter. Se ha detectado que Contao Managed Edition versión v1.5.0, contiene una vulnerabilidad de ejecución de comandos remota (RCE) por medio del parámetro php_cli del componente • https://github.com/Inplex-sys/CVE-2022-26265 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4383
https://notcve.org/view.php?id=CVE-2012-4383
29 Jan 2020 — contao prior to 2.11.4 has a sql injection vulnerability contao versiones anteriores a 2.11.4, presenta una vulnerabilidad de inyección sql. • http://www.openwall.com/lists/oss-security/2012/08/31/14 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •