Product
concretecms concrete cms
154 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-8353
CVE-2026-8347
CVE-2026-8340
CVE-2026-8435
CVE-2026-8434
CVE-2026-8433
CVE-2026-8432
CVE-2026-8427
CVE-2026-8416
CVE-2026-8415
CVE-2026-8414
CVE-2026-8413
CVE-2026-8412
CVE-2026-8411
CVE-2026-8410
CVE-2026-8409
CVE-2026-8337
CVE-2026-8327
CVE-2026-8245
CVE-2026-8240
CVE-2026-8239
CVE-2026-8238
CVE-2026-8237
CVE-2026-8236
CVE-2026-8139
CVE-2026-7890
CVE-2026-7887
CVE-2026-7886
CVE-2026-7882
CVE-2026-7881
CVE-2026-7879
CVE-2026-8428
CVE-2026-8426
CVE-2026-8421
CVE-2026-8417
CVE-2026-8350
CVE-2026-8205
CVE-2026-8204
CVE-2026-8203
CVE-2026-8197
CVE-2026-8140
CVE-2026-8135
CVE-2026-8134
CVE-2026-6826
CVE-2026-30662
CVE-2026-3242
CVE-2026-3241
CVE-2026-3240
CVE-2026-2994
CVE-2026-3452
CVE-2026-3244
CVE-2025-8573
CVE-2025-8571
CVE-2025-3153
CVE-2025-0660
CVE-2024-8291
CVE-2024-7398
CVE-2024-8660
CVE-2024-8661
CVE-2024-7512
CVE-2024-4350
CVE-2024-7394
CVE-2024-4353
CVE-2024-3181
CVE-2024-3180
CVE-2024-3179
CVE-2024-3178
CVE-2024-2753
CVE-2024-2179
CVE-2023-49337
CVE-2023-48653
CVE-2023-48651
CVE-2023-48650
CVE-2024-1246
CVE-2024-1245
CVE-2024-1247
CVE-2023-48652
CVE-2023-48649
CVE-2023-48648
CVE-2023-44760
CVE-2023-44763
CVE-2023-44766
CVE-2023-44765
CVE-2023-44764
CVE-2023-44762
CVE-2023-44761
CVE-2023-28821
CVE-2023-28820
CVE-2023-28819
CVE-2023-28477
CVE-2023-28476
CVE-2023-28475
CVE-2023-28474
CVE-2023-28473
CVE-2023-28472
CVE-2023-28471
CVE-2022-43556
CVE-2022-43695
CVE-2022-43691
CVE-2022-43690
CVE-2022-43689
CVE-2022-43688
CVE-2022-43687
CVE-2022-43968
CVE-2022-43967
CVE-2022-43686
CVE-2022-43694
CVE-2022-43692
CVE-2022-43693
CVE-2022-30120
CVE-2022-30119
CVE-2022-30118
CVE-2022-30117
CVE-2022-21829
CVE-2021-22954
CVE-2021-40101
CVE-2021-22970
CVE-2021-22969
CVE-2021-22968
CVE-2021-22967
CVE-2021-22966
CVE-2021-22951
CVE-2021-22958
CVE-2021-40109
CVE-2021-40108
CVE-2021-40106
CVE-2021-40105
CVE-2021-40104
CVE-2021-40103
CVE-2021-40098
CVE-2021-40097
CVE-2021-40102
CVE-2021-40100
CVE-2021-40099
CVE-2021-22953
CVE-2021-22950
CVE-2021-22949
CVE-2021-36766
CVE-2021-28145
CVE-2021-3111
CVE-2020-24986
CVE-2020-11476
CVE-2020-14961
CVE-2011-3183
CVE-2018-19146
CVE-2018-13790
CVE-2017-18195
CVE-2015-4724
CVE-2015-4721
CVE-2017-8082
CVE-2017-7725
CVE-2014-9526
CVE-2014-5108
CVE-2014-5107
>= 9.0 and < 9.5.1
Concrete CMS version 9.0 to 9.5.0 is vulnerable to Stored XSS via page name in the Atomik theme. A rogue editor can inject arbitr
< 9.5.1
Concrete CMS 9.5.0 and below is vulnerable to IDOR + wrong-authorization-level in the Express association Reorder dialog. This c
< 9.5.1
Concrete CMS 9.5.0 and below is vulnerable to CSRF via Backend\File::approveVersion. Victim with edit_file_contents permission
>= 9.0 and < 9.5.1
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file approveVersion
>= 9.0.0 and < 9.5.1
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescanMultiple
>= 9.0.0 and < 9.5.1
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescan(). The
>= 9.0.0 and < 9.5.1
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file star(). The Co
>= 9.0.0 and < 9.5.1
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file removeFavorite
>= 9.0.0 and < 9.5.1
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file addFavoriteFol
>= 9.0.0 and < 9.5.1
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/express/association/
>= 9.0.0 and < 9.5.1
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/event/duplicate. The
>= 9.0.0 and < 9.5.1
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/design. Th
>= 9.0.0 and < 9.5.1
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/cache. Th
>= 9.0.0 and < 9.5.1
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/delete. Th
>= 9.0.0 and < 9.5.1
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/logs/bulk/delete.
>= 9.0.0 and < 9.5.1
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/logs/delete. The T
< 9.5.1
Concrete CMS 9.5.0 and below is vulnerable to IDOR in surveys. To be vulnerable, a site would have to be configured in such a wa
< 9.5.1
Concrete CMS 9.5.0 and below is vulnerable to password change without reauthorization and session-hardening bypass. The use
< 9.5.1
Concrete CMS 9.5.0 and below is vulnerable to Reflected XSS in Legacy Pagination via HTML attribute injection. Concrete\Core\Lega
< 9.5.1
Concrete CMS 9.5.0 and below is vulnerable to unauthenticated page metadata disclosure across every page with a configured summar
< 9.5.1
Concrete CMS 9.5.0 and below is vulnerable to IDOR. The '/ccm/frontend/conversations/get_rating' endpoint confirms existence an
< 9.5.1
Concrete CMS 9.5.0 and below is vulnerable to IDOR. The '/ccm/frontend/conversations/message_page' endpoint returns the full co
< 9.5.1
Concrete CMS 9.5.0 and below is vulnerable to IDOR. The /ccm/frontend/conversations/message_detail endpoint returns the full co
< 9.5.1
Concrete CMS 9.5.0 and below is vulnerable to IDOR combined with a missing authentication gate. The endpoint /ccm/system/dialogs/
<= 9.5.0
Concrete CMS 9.5.0 and below is vulnerable to Stored XSS via external-link page cvName because updateCollectionAliasExternal bypas
< 9.5.1
In Concrete CMS 9.5.0 and below, the RSS Displayer block accepts a feed URL from any page editor and fetches it server-side withou
< 9.5.1
For Concrete CMS 9.5.0 and below, OAuth 2.0 Authorization-Code Handler Bypasses Account Status. A user with uIsActive=0 (suspende
< 9.5.1
Concrete CMS 9.5.0 and below is vulnerable to IDOR in AddMessage/UpdateMessage via attachments[] parameter which can lead to file
< 9.5.1
Concrete CMS 9.5.0 and below is vulnerable to unauthorized file deletion due to an Inverted CSRF token check in the DeleteFile co
< 9.5.1
Concrete CMS 9.5.0 and below is subject to Insecure Direct Object Reference (IDOR) in the Express Entry Detail block via the exE
< 9.5.1
In Concrete CMS 9.5.0 and below, the submit_password() method in concrete/controllers/single_page/download_file.php allows unaut
< 9.5.1
Concrete CMS 9.5.0 and below emits a CSRF token in the local_available_update.php view ($token-output('do_update')) but the corres
< 9.5.1
Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/prepare_remote_
< 9.5.1
Concrete CMS 9.5.0 and below contains a CSRF vulnerability in the install_package() method of concrete/controllers/single_page/das
< 9.5.1
Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/do_update/<pkgH
<= 9.5.0
Concrete CMS 9.5.0 and below is vulnerable to missing authorization in the bulk_user_assignment.php which can lead to privilege es
<= 9.5.0
Concrete CMS 9.5.0 and below is vulnerable to authorization bypass in the Calendar Block since action_get_events does not check ca
< 9.5.1
Concrete CMS 9.5.0 and below is vulnerable to authorization Bypass in the Calendar Event Frontend Dialog which can allow cross-cal
<= 9.5.0
Concrete CMS 9.5.0 and below has Stored XSS on the height parameter. The controller does not validate or sanitize $height. Any u
<= 9.5.0
Concrete CMS 9.5.0 and below is vulnerable to Stored XSS via OAuth integration name. The OAuth authorize template renders the inte
<= 9.5.0
Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/install/download/<remo
<= 9.5.0
Concrete CMS 9.5.0 and below is vulnerable to Remote Code Execution due to insecure deserialization occurring in the ExpressEntr
<= 9.5.0
Concrete CMS 9.5.0 and below fails to sanitize path traversal sequences in the ptComposerFormLayoutSetControlCustomTemplate field
< 9.5.1
Concrete CMS 9.5.0 and below is vulnerable to unauthenticated file usage disclosure via missing permission check in the usage c
all versions
ConcreteCMS v9.4.7 contains a Denial of Service (DoS) vulnerability in the File Manager component. The 'download' method in 'concr
< 9.4.8
In Concrete CMS below version 9.4.8, a rogue administrator can add stored XSS via the Switch Language block. The Concrete CMS s
< 9.4.8
In Concrete CMS below version 9.4.8, a stored cross-site scripting (XSS) vulnerability exists in the "Legacy Form" block. An auth
< 9.4.8
In Concrete CMS below version 9.4.8, a user with permission to edit a page with element Legacy form can perform a stored XSS atta
< 9.4.8
Concrete CMS below version 9.4.8 is subject to CSRF by a Rogue Administrator using the Anti-Spam Allowlist Group Configuration vi
< 9.4.8
Concrete CMS below version 9.4.8 is vulnerable to Remote Code Execution by stored PHP object injection into the Express Entry Li
< 9.4.8
In Concrete CMS below version 9.4.8, a stored cross-site scripting (XSS) vulnerability exists in the search block where page names
>= 9.0 and < 9.4.3
Concrete CMS versions 9 through 9.4.2 are vulnerable to Stored XSS from Home Folder on Members Dashboard page. Version 8 was not
< 8.5.21
Concrete CMS 9 to 9.4.2 and versions below 8.5.21 are vulnerable to Reflected Cross-Site Scripting (XSS) in the Conversation Messa
< 8.5.20
Concrete CMS version 9 below 9.4.0RC2 and versions below 8.5.20 are vulnerable to CSRF and XSS in the Concrete CMS Address attribu
>= 9.0 and < 9.4.0
Concrete CMS versions 9.0.0 through 9.3.9 are affected by a stored XSS in Folder Function. The "Add Folder" functionality lacks inp
>= 9.0.0 and < 9.3.3
Concrete CMS versions 9.0.0 to 9.3.3 and below 8.5.19 are vulnerable to Stored XSS in Image Editor Background Color. A rogue adm
< 8.5.19
Concrete CMS versions 9 through 9.3.3 and versions below 8.5.19 are vulnerable to stored XSS in the calendar event addition featur
>= 9.0.0 and < 9.3.4
Concrete CMS versions 9.0.0 through 9.3.3 are affected by a stored XSS vulnerability in the "Top Navigator Bar" block. Since the "
< 8.5.19
Concrete CMS versions 9.0.0 to 9.3.3 and below 8.5.19 are vulnerable to Stored XSS in the "Next&Previous Nav" block. A rogue admin
>= 9.0.0 and < 9.3.3
Concrete CMS versions 9.0.0 through 9.3.2 are affected by a stored XSS vulnerability in Board instances. A rogue administrator cou
< 8.5.18
Concrete CMS versions 9.0.0 to 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in RSS Displayer when user input is stored and
< 8.5.18
Concrete CMS versions 9 through 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in getAttributeSetName(). A rogue administrat
>= 9.0.0 and < 9.3.3
Concrete CMS versions 9.0.0 through 9.3.2 are affected by a stored XSS vulnerability in the generate dashboard board instance func
< 8.5.16
Concrete CMS version 9 prior to 9.2.8 and previous versions prior to 8.5.16 are vulnerable to Stored XSS in the Search Field. Pri
< 8.5.16
Concrete CMS version 9 below 9.2.8 and previous versions below 8.5.16 are vulnerable to Stored XSS in blocks of type file. Stored
< 8.5.16
Concrete CMS version 9 before 9.2.8 and previous versions before 8.5.16 are vulnerable to Stored XSS in the Custom Class page edi
< 8.5.16
Concrete CMS versions 9 below 9.2.8 and versions below 8.5.16 are vulnerable to Cross-site Scripting (XSS) in the Advanced File
< 8.5.16
Concrete CMS version 9 before 9.2.8 and previous versions prior to 8.5.16 are vulnerable to Stored XSS on the calendar color settin
>= 9.0.0 and < 9.2.7
Concrete CMS version 9 before 9.2.7 is vulnerable to Stored XSS via the Name field of a Group type since there is insufficient val
>= 9.0.0 and < 9.2.3
Concrete CMS before 9.2.3 allows Stored XSS on the Admin Dashboard via /dashboard/system/basics/name. (8.5 and earlier are unaffec
< 8.5.14
Concrete CMS before 8.5.14 and 9 before 9.2.3 allows Cross Site Request Forgery (CSRF) via ccm/calendar/dialogs/event/delete/submi
>= 9.0.0 and < 9.2.3
Concrete CMS 9 before 9.2.3 is vulnerable to Cross Site Request Forgery (CSRF) at /ccm/system/dialogs/file/delete/1/submit.
< 8.5.14
Concrete CMS before 8.5.14 and 9 before 9.2.3 are vulnerable to an admin adding a stored XSS payload via the Layout Preset name.
>= 9.0.0 and < 9.2.5
Concrete CMS in version 9 before 9.2.5 is vulnerable to reflected XSS via the Image URL Import Feature due to insufficient validat
>= 9.0.0 and < 9.2.5
Concrete CMS version 9 before 9.2.5 is vulnerable to stored XSS in file tags and description attributes since administrator enter
>= 9.0.0 and < 9.2.5
Concrete CMS version 9 before 9.2.5 is vulnerable to stored XSS via the Role Name field since there is insufficient validation
>= 9.0 and < 9.2.3
Concrete CMS 9 before 9.2.3 is vulnerable to Cross Site Request Forgery (CSRF) via /ccm/system/dialogs/logs/delete_all/submit. An
< 8.5.13
Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows stored XSS on the Admin page via an uploaded file name.
< 8.5.13
Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows unauthorized access because directories can be created with insecure permis
all versions
Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1 allow an attacker to execute arbitrary code via a craf
all versions
Concrete CMS v9.2.1 is affected by an Arbitrary File Upload vulnerability via a Thumbnail file upload, which allows Cross-Site Scr
all versions
A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted scri
all versions
A Cross Site Scripting (XSS) vulnerability in Concrete CMS versions 8.5.12 and below, and 9.0 through 9.2.1 allows an attacker to
all versions
A Cross Site Scripting (XSS) vulnerability in Concrete CMS before 9.2.3 exists via the Name parameter during installation (aka Sit
all versions
A Cross Site Scripting (XSS) vulnerability in Concrete CMS from versions 9.2.0 to 9.2.2 allows an attacker to execute arbitrary co
all versions
Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS versions 8.5.13 and below, and 9.0.0 through 9.2.1
< 9.1.0
Concrete CMS (previously concrete5) before 9.1 did not have a rate limit for password resets.
< 9.1.0
Concrete CMS (previously concrete5) before 9.1 is vulnerable to stored XSS in RSS Displayer via the href attribute because the lin
< 9.1.0
Concrete CMS (previously concrete5) versions 8.5.12 and below, 9.0.0 through 9.0.2 are vulnerable to Stored XSS in uploaded file an
< 9.2.0
Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0 through 9.1.3 are vulnerable to stored XSS on API Integratio
< 9.2.0
Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is vulnerable to Stored XSS on Tags on uploaded files.
< 9.2.0
Concrete CMS (previously concrete5) versions 8.5.12 and below, and versions 9.0 through 9.1.3 are vulnerable to Reflected XSS on th
< 9.2.0
Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is vulnerable to Stored XSS on Saved Presets on search.
< 9.2.0
Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0 through 9.1.3 are vulnerable to possible Auth bypass in the
< 9.2.0
Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0 through 9.1.3 do not have Secure and HTTP only attributes
< 9.2.0
Concrete CMS (previously concrete5) in versions 9.0 through 9.1.3 is vulnerable to Stored XSS via a container name.
< 8.5.10
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to XSS in the text input field since the
< 8.5.10
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Stored Cross-Site Scripting (XSS) in d
< 8.5.10
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 inadvertently discloses server-side sensitive informatio
< 8.5.10
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 did not use strict comparison for the legacy_salt so th
< 8.5.10
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to XXE based DNS requests leading to IP d
< 8.5.10
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Stored Cross-Site Scripting (XSS) in i
< 8.5.10
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 does not issue a new session ID upon successful OAuth a
< 8.5.10
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS in the dashboard icons d
< 8.5.10
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS in the multilingual repo
< 8.5.10
In Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2, the authTypeConcreteCookieMap table can be filled u
< 8.5.10
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS in the image manipulatio
< 8.5.10
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 is vulnerable to Reflected XSS - user can cause an admi
< 8.5.10
Concrete CMS is vulnerable to CSRF due to the lack of "State" parameter for external Concrete authentication service for users of
< 8.5.8
XSS in /dashboard/blocks/stacks/view_details/ - old browsers only. When using an older browser with built-in XSS protection disabl
< 8.5.8
XSS in /dashboard/reports/logs/view - old browsers only. When using Internet Explorer with the XSS protection disabled, insufficie
< 8.5.8
XSS in /dashboard/system/express/entities/forms/save_control/[GUID]: old browsers only. When using Inte
< 8.5.8
Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 allow traversal in /index.php/ccm/system/file/upload which could re
< 8.5.8
Concrete CMS Versions 9.0.0 through 9.0.2 and 8.5.7 and below can download zip files over HTTP and execute code from those zip fil
< 9.0
A cross-site request forgery vulnerability exists in Concrete CMS <v9 that could allow an attacker to make requests on behalf of o
< 8.5.7
An issue was discovered in Concrete CMS before 8.5.7. The Dashboard allows a user's password to be changed without a prompt for th
<= 8.5.6
Concrete CMS (formerly concrete5) versions 8.5.6 and below and version 9.0.0 allow local IP importing causing the system to be vul
< 8.5.7
Concrete CMS (formerly concrete5) versions below 8.5.7 has a SSRF mitigation bypass using DNS Rebind attack giving an attacker the
< 8.5.7
A bypass of adding remote files in Concrete CMS (previously concrete5) File Manager leads to remote code execution in Concrete CMS
< 8.5.7
In Concrete CMS (formerly concrete 5) below 8.5.7, IDOR Allows Unauthenticated User to Access Restricted Files If Allowed to Add M
< 8.5.7
Privilege escalation from Editor to Admin using Groups in Concrete CMS versions 8.5.6 and below. If a group is granted "view" perm
< 8.5.7
Unauthorized individuals could view password protected files using view_inline in Concrete CMS (previously concrete 5) prior to ve
< 8.5.5
A Server-Side Request Forgery vulnerability was found in concrete5 < 8.5.5 that allowed a decimal notation encoded IP address to b
< 8.5.6
A SSRF issue was discovered in Concrete CMS through 8.5.5. Users can access forbidden files on their local network. A user with pe
< 8.5.6
An issue was discovered in Concrete CMS through 8.5.5. The Calendar is vulnerable to CSRF. ccm_token is not verified on the ccm/ca
<= 8.5.5
An issue was discovered in Concrete CMS through 8.5.5. There is unauthenticated stored XSS in blog comments via the website field.
<= 8.5.5
An issue was discovered in Concrete CMS through 8.5.5. There is XSS via Markdown Comments.
<= 8.5.5
An issue was discovered in Concrete CMS through 8.5.5. There is an SVG sanitizer bypass.
<= 8.5.5
An issue was discovered in Concrete CMS through 8.5.5. Path Traversal can lead to Arbitrary File Reading and SSRF.
<= 8.5.5
An issue was discovered in Concrete CMS through 8.5.5. Path Traversal leading to RCE via external form by adding a regular express
<= 8.5.5
An issue was discovered in Concrete CMS through 8.5.5. Authenticated path traversal leads to remote code execution via uploaded
<= 8.5.5
An issue was discovered in Concrete CMS through 8.5.5. Arbitrary File deletion can occur via PHAR deserialization in is_dir (PHP O
<= 8.5.5
An issue was discovered in Concrete CMS through 8.5.5. Stored XSS can occur in Conversations when the Active Conversation Editor i
<= 8.5.5
An issue was discovered in Concrete CMS through 8.5.5. Fetching the update json scheme over HTTP leads to remote code execution.
<= 8.5.5
A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to clone topics which can lead to UI inconvenience, and exhausti
< 8.5.6
Concrete CMS prior to 8.5.6 had a CSRF vulnerability allowing attachments to comments in the conversation section to be deleted. Cr
<= 8.5.5
A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to duplicate files which can lead to UI inconvenience, and exhau
< 8.5.6
Concrete5 through 8.5.5 deserializes Untrusted Data. The vulnerable code is located within the controllers/single_page/dashboard/s
< 8.5.5
Concrete CMS (formerly concrete5) before 8.5.5 allows remote authenticated users to conduct XSS attacks via a crafted survey block
< 8.5.5
The Express Entries Dashboard in Concrete5 8.5.4 allows stored XSS via the name field of a new data object at an index.php/dashboa
<= 8.5.2
Concrete5 up to and including 8.5.2 allows Unrestricted Upload of File with Dangerous Type such as a .php file via File Manager. I
< 8.5.3
Concrete5 before 8.5.3 allows Unrestricted Upload of File with Dangerous Type such as a .phar file.
< 8.5.3
Concrete5 before 8.5.3 does not constrain the sort direction to a valid asc or desc value.
<= 5.4.1.1
A Cross-Site Scripting (XSS) vulnerability exists in the rcID parameter in Concrete CMS 5.4.1.1 and earlier.
all versions
Concrete5 8.4.3 has XSS because config/concrete.php allows uploads (by administrators) of SVG files that may contain HTML data wit
all versions
A Server Side Request Forgery (SSRF) vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on t
< 8.3.0
An issue was discovered in tools/conversations/view_ajax.php in Concrete5 before 8.3.0. An unauthenticated user can enumerate comm
all versions
SQL injection vulnerability in Concrete5 5.7.3.1.
all versions
Multiple cross-site scripting (XSS) vulnerabilities in Concrete5 5.7.3.1.
all versions
concrete5 8.1.0 has CSRF in Thumbnail Editor in the File Manager, which allows remote attackers to disable the entire installation
all versions
concrete5 8.1.0 places incorrect trust in the HTTP Host header during caching, if the administrator did not define a "canonical" U
all versions
Multiple cross-site scripting (XSS) vulnerabilities in concrete5 5.7.2.1, 5.7.2, and earlier allow remote attackers to inject arbi
all versions
Cross-site scripting (XSS) vulnerability in single_pages\download_file.php in concrete5 before 5.6.3 allows remote attackers to in
all versions
concrete5 before 5.6.3 allows remote attackers to obtain the installation path via a direct request to (1) system/basics/editor.ph