Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
silverstripe silverstripe vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-37421
Silverstripe silverstripe/cms up to and including 4.11.0 allows XSS.
Silverstripe Silverstripe
6.1
CVSSv3
CVE-2019-12205
SilverStripe up to and including 4.3.3 has Flash Clipboard Reflected XSS.
Silverstripe Silverstripe
2.7
CVSSv3
CVE-2019-12617
In SilverStripe up to and including 4.3.3, there is access escalation for CMS users with limited access through permission cache pollution.
Silverstripe Silverstripe
6.1
CVSSv3
CVE-2019-19325
SilverStripe up to and including 4.4.x prior to 4.4.5 and 4.5.x prior to 4.5.2 allows Reflected XSS on the login form and custom forms. Silverstripe Forms allow malicious HTML or JavaScript to be inserted through non-scalar FormField attributes, which allows performing XSS (Cross...
Silverstripe Silverstripe
5.9
CVSSv3
CVE-2019-19326
Silverstripe CMS sites up to and including 4.4.4 which have opted into HTTP Cache Headers on responses served by the framework's HTTP layer can be vulnerable to web cache poisoning. Through modifying the X-Original-Url and X-HTTP-Method-Override headers, responses with malic...
Silverstripe Silverstripe
6.5
CVSSv3
CVE-2021-41559
Silverstripe silverstripe/framework 4.8.1 has a quadratic blowup in Convert::xml2array() that enables a remote attack via a crafted XML document.
Silverstripe Silverstripe
NA
CVE-2012-0976
Cross-site scripting (XSS) vulnerability in admin/EditForm in SilverStripe 2.4.6 allows remote authenticated users with Content Authors privileges to inject arbitrary web script or HTML via the Title parameter. NOTE: some of these details are obtained from third party information...
Silverstripe Silverstripe 2.4.6
NA
CVE-2010-5092
The Add Member dialog in the Security admin page in SilverStripe 2.4.0 saves user passwords in plaintext, which allows local users to obtain sensitive information by reading a database.
Silverstripe Silverstripe 2.4.0
NA
CVE-2007-2321
Unspecified vulnerability in the search functionality in SilverStripe 2.0.0 has unknown impact and attack vectors.
Silverstripe Silverstripe 2.0.0
NA
CVE-2012-6458
Multiple cross-site scripting (XSS) vulnerabilities in the SilverStripe e-commerce module 3.0 for SilverStripe CMS allow remote malicious users to inject arbitrary web script or HTML via the (1) FirstName, (2) Surname, or (3) Email parameter to code/forms/OrderFormAddress.php; or...
Silverstripe Silverstripe 3.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »