Vulmon
silverstripe silverstripe vulnerabilities and exploits
890
VMScore
CVE-2007-2321
Unspecified vulnerability in the search functionality in SilverStripe 2.0.0 has unknown impact and attack vectors.
Silverstripe Silverstripe 2.0.0
668
VMScore
CVE-2019-12204
In SilverStripe up to and including 4.3.3, a missing warning about leaving install.php in a public webroot can lead to unauthenticated admin access.
Silverstripe Silverstripe
668
VMScore
CVE-2019-12149
SQL injection vulnerability in silverstripe/restfulserver module 1.0.x prior to 1.0.9, 2.0.x prior to 2.0.4, and 2.1.x prior to 2.1.2 and silverstripe/registry module 2.1.x prior to 2.1.1 and 2.2.x prior to 2.2.1 allows malicious users to execute arbitrary SQL commands.
Silverstripe Registry
Silverstripe Restfulserver
668
VMScore
CVE-2019-5715
All versions of SilverStripe 3 before 3.6.7 and 3.7.3, and all versions of SilverStripe 4 before 4.0.7, 4.1.5, 4.2.4, and 4.3.1 allow Reflected SQL Injection through Form and DataObject.
Silverstripe Silverstripe
Silverstripe Silverstripe 4.3.0
668
VMScore
CVE-2011-4960
SQL injection vulnerability in the Folder::findOrMake method in SilverStripe 2.3.x prior to 2.3.12 and 2.4.x prior to 2.4.6 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Silverstripe Silverstripe 2.3.4
Silverstripe Silverstripe 2.3.7
Silverstripe Silverstripe 2.3.10
Silverstripe Silverstripe 2.3.3
Silverstripe Silverstripe 2.3.8
Silverstripe Silverstripe 2.3.1
Silverstripe Silverstripe 2.3.5
Silverstripe Silverstripe 2.3.9
Silverstripe Silverstripe 2.3.6
Silverstripe Silverstripe 2.3.11
Silverstripe Silverstripe 2.3.0
Silverstripe Silverstripe 2.3.2
Silverstripe Silverstripe 2.4.1
Silverstripe Silverstripe 2.4.0
Silverstripe Silverstripe 2.4.2
Silverstripe Silverstripe 2.4.3
Silverstripe Silverstripe 2.4.5
668
VMScore
CVE-2008-6753
SQL injection vulnerability in SilverStripe prior to 2.2.2 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors related to AjaxUniqueTextField.
Silverstripe Silverstripe 2.1.0
Silverstripe Silverstripe 2.2.0
Silverstripe Silverstripe 2.0.0
Silverstripe Silverstripe
Silverstripe Silverstripe 2.1.1
Silverstripe Silverstripe 2.0.2
Silverstripe Silverstripe 2.0.1
668
VMScore
CVE-2009-1433
SQL injection vulnerability in File::find (filesystem/File.php) in SilverStripe prior to 2.3.1 allows remote malicious users to execute arbitrary SQL commands via the filename parameter.
Silverstripe Silverstripe 2.3.0
Silverstripe Silverstripe 2.1.0
Silverstripe Silverstripe 2.2.0
Silverstripe Silverstripe 2.2.2
Silverstripe Silverstripe 2.0.0
Silverstripe Silverstripe 2.2.4
Silverstripe Silverstripe 2.3.1
Silverstripe Silverstripe
Silverstripe Silverstripe 2.2.1
Silverstripe Silverstripe 2.1.1
Silverstripe Silverstripe 2.0.2
Silverstripe Silverstripe 2.0.1
605
VMScore
CVE-2020-9309
Silverstripe CMS up to and including 4.5 can be susceptible to script execution from malicious upload contents under allowed file extensions (for example HTML code in a TXT file). When these files are stored as protected or draft files, the MIME detection can cause browsers to ex...
Silverstripe Recipe
Silverstripe Mimevalidator
605
VMScore
CVE-2019-12437
In SilverStripe up to and including 4.3.3, the previous fix for SS-2018-007 does not completely mitigate the risk of CSRF in GraphQL mutations,
Silverstripe Silverstripe
605
VMScore
CVE-2011-4959
SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x prior to 2.3.12 and 2.4.x prior to 2.4.6, when connected to a MySQL database using far east character encodings, allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Silverstripe Silverstripe 2.3.4
Silverstripe Silverstripe 2.3.7
Silverstripe Silverstripe 2.3.10
Silverstripe Silverstripe 2.3.3
Silverstripe Silverstripe 2.3.8
Silverstripe Silverstripe 2.3.1
Silverstripe Silverstripe 2.3.5
Silverstripe Silverstripe 2.3.9
Silverstripe Silverstripe 2.3.6
Silverstripe Silverstripe 2.3.11
Silverstripe Silverstripe 2.3.0
Silverstripe Silverstripe 2.3.2
Silverstripe Silverstripe 2.4.1
Silverstripe Silverstripe 2.4.0
Silverstripe Silverstripe 2.4.2
Silverstripe Silverstripe 2.4.4
Silverstripe Silverstripe 2.4.3
Silverstripe Silverstripe 2.4.5