backdropcms backdrop cms vulnerabilities and exploits
4.8
CVSSv3
CVE-2019-19903
An issue was discovered in Backdrop CMS 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying file type descriptions created by administrators. An attacker could potentially craft a specialized description, then have an administrator execute scripting...
Backdropcms Backdrop Cms
4.8
CVSSv3
CVE-2019-19901
An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying certain block descriptions created by administrators. An attacker could potentially craft a specialized description, then have an...
Backdropcms Backdrop Cms
4.8
CVSSv3
CVE-2019-19900
An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying content type names in the content creation interface. An attacker could potentially craft a specialized content type name, then have...
Backdropcms Backdrop Cms
7.2
CVSSv3
CVE-2019-19902
An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It allows the upload of entire-site configuration archives through the user interface or command line. It does not sufficiently check uploaded archives for invalid data, allowing...
Backdropcms Backdrop Cms
5.3
CVE-2022-34530
An issue in the login and reset password functionality of Backdrop CMS v1.22.0 allows attackers to enumerate usernames via password reset requests and distinct responses returned based on usernames....
Backdropcms Backdrop Cms
9.8
CVSSv3
CVE-2019-14771
Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3 allows the upload of entire-site configuration archives through the user interface or command line. It does not sufficiently check uploaded archives for invalid data, potentially allowing non-configuration scripts to be...
Backdropcms Backdrop Cms
7.2
CVE-2022-42092
Backdrop CMS 1.22.0 has an Unrestricted File Upload vulnerability via 'themes' that allows attackers to achieve Remote Code Execution....
Backdropcms Backdrop Cms 1.22.0
1 Github repository available
4.8
CVE-2022-42096
Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via Post content....
Backdropcms Backdrop Cms 1.23.0
3 Github repositories available
4.8
CVSSv3
CVE-2018-1000813
Backdrop CMS version 1.11.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in the sanitization of custom class names used on blocks and layouts that can result in execution of JavaScript from an unexpected source. This attack appears to be exploitable via a user...
Backdropcms Backdrop Cms
4.8
CVE-2022-42095
Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Page content....
Backdropcms Backdrop Cms 1.23.0
2 Github repositories available