Vulmon
silverstripe vulnerabilities and exploits
VMScore: 890
CVE-2007-2321
Unspecified vulnerability in the search functionality in SilverStripe 2.0.0 has unknown impact and attack vectors.
Silverstripe Silverstripe 2.0.0
VMScore: 668
CVE-2019-12204
In SilverStripe up to and including 4.3.3, a missing warning about leaving install.php in a public webroot can lead to unauthenticated admin access.
Silverstripe Silverstripe
VMScore: 668
CVE-2019-12149
SQL injection vulnerability in silverstripe/restfulserver module 1.0.x prior to 1.0.9, 2.0.x prior to 2.0.4, and 2.1.x prior to 2.1.2 and silverstripe/registry module 2.1.x prior to 2.1.1 and 2.2.x prior to 2.2.1 allows malicious users to execute arbitrary SQL commands.
Silverstripe Restfulserver
Silverstripe Registry
VMScore: 668
CVE-2019-5715
All versions of SilverStripe 3 before 3.6.7 and 3.7.3, and all versions of SilverStripe 4 before 4.0.7, 4.1.5, 4.2.4, and 4.3.1 allow Reflected SQL Injection through Form and DataObject.
Silverstripe Silverstripe 4.3.0
Silverstripe Silverstripe
VMScore: 668
CVE-2011-4960
SQL injection vulnerability in the Folder::findOrMake method in SilverStripe 2.3.x prior to 2.3.12 and 2.4.x prior to 2.4.6 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Silverstripe Silverstripe 2.3.0
Silverstripe Silverstripe 2.3.1
Silverstripe Silverstripe 2.3.6
Silverstripe Silverstripe 2.3.7
Silverstripe Silverstripe 2.3.8
Silverstripe Silverstripe 2.3.9
Silverstripe Silverstripe 2.3.2
Silverstripe Silverstripe 2.3.4
Silverstripe Silverstripe 2.3.11
Silverstripe Silverstripe 2.3.3
Silverstripe Silverstripe 2.3.5
Silverstripe Silverstripe 2.3.10
Silverstripe Silverstripe 2.4.1
Silverstripe Silverstripe 2.4.2
Silverstripe Silverstripe 2.4.3
Silverstripe Silverstripe 2.4.5
Silverstripe Silverstripe 2.4.0
VMScore: 668
CVE-2008-6753
SQL injection vulnerability in SilverStripe prior to 2.2.2 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors related to AjaxUniqueTextField.
Silverstripe Silverstripe 2.2.0
Silverstripe Silverstripe 2.1.1
Silverstripe Silverstripe 2.1.0
Silverstripe Silverstripe 2.0.2
Silverstripe Silverstripe 2.0.1
Silverstripe Silverstripe 2.0.0
Silverstripe Silverstripe
VMScore: 668
CVE-2009-1433
SQL injection vulnerability in File::find (filesystem/File.php) in SilverStripe prior to 2.3.1 allows remote malicious users to execute arbitrary SQL commands via the filename parameter.
Silverstripe Silverstripe 2.3.0
Silverstripe Silverstripe 2.1.0
Silverstripe Silverstripe 2.0.1
Silverstripe Silverstripe 2.0.0
Silverstripe Silverstripe 2.2.2
Silverstripe Silverstripe 2.2.1
Silverstripe Silverstripe 2.2.0
Silverstripe Silverstripe 2.1.1
Silverstripe Silverstripe 2.3.1
Silverstripe Silverstripe
Silverstripe Silverstripe 2.2.4
Silverstripe Silverstripe 2.0.2
VMScore: 605
CVE-2020-9309
Silverstripe CMS up to and including 4.5 can be susceptible to script execution from malicious upload contents under allowed file extensions (for example HTML code in a TXT file). When these files are stored as protected or draft files, the MIME detection can cause browsers to ex...
Silverstripe Mimevalidator
Silverstripe Recipe
VMScore: 605
CVE-2019-12437
In SilverStripe up to and including 4.3.3, the previous fix for SS-2018-007 does not completely mitigate the risk of CSRF in GraphQL mutations,
Silverstripe Silverstripe
VMScore: 605
CVE-2011-4959
SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x prior to 2.3.12 and 2.4.x prior to 2.4.6, when connected to a MySQL database using far east character encodings, allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Silverstripe Silverstripe 2.3.0
Silverstripe Silverstripe 2.3.1
Silverstripe Silverstripe 2.3.2
Silverstripe Silverstripe 2.3.8
Silverstripe Silverstripe 2.3.9
Silverstripe Silverstripe 2.3.10
Silverstripe Silverstripe 2.3.11
Silverstripe Silverstripe 2.3.4
Silverstripe Silverstripe 2.3.6
Silverstripe Silverstripe 2.3.3
Silverstripe Silverstripe 2.3.5
Silverstripe Silverstripe 2.3.7
Silverstripe Silverstripe 2.4.3
Silverstripe Silverstripe 2.4.4
Silverstripe Silverstripe 2.4.5
Silverstripe Silverstripe 2.4.0
Silverstripe Silverstripe 2.4.2
Silverstripe Silverstripe 2.4.1