Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bolt vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-19933
Bolt CMS <3.6.2 allows XSS via text input click preview button as demonstrated by the Title field of a Configured and New Entry.
Bolt Bolt Cms
1 Github repository
5
CVSSv2
CVE-2017-16754
Bolt prior to 3.3.6 does not properly restrict access to _profiler routes, related to EventListener/ProfilerListener.php and Provider/EventListenerServiceProvider.php.
Boltcms Bolt
3.5
CVSSv2
CVE-2017-11127
Bolt CMS 3.2.14 allows stored XSS by uploading an SVG document with a "Content-Type: image/svg+xml" header.
Bolt Bolt Cms 3.2.14
3.5
CVSSv2
CVE-2017-11128
Bolt CMS 3.2.14 allows stored XSS via text input, as demonstrated by the Title field of a New Entry.
Bolt Bolt Cms 3.2.14
6.5
CVSSv2
CVE-2015-7309
The theme editor in Bolt prior to 2.2.5 does not check the file extension when renaming files, which allows remote authenticated users to execute arbitrary code by renaming a crafted file and then directly accessing it.
Boltcms Bolt
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3