Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

contao vulnerabilities and exploits

(subscribe to this query)

7.2
CVSSv3
CVE-2021-37627
Contao is an open source CMS that allows creation of websites and scalable web applications. In affected versions it is possible to gain privileged rights in the Contao back end. Installations are only affected if they have untrusted back end users who have access to the form...
Contao Contao 4.0.0Contao Contao 4.1.0Contao Contao 4.2.0Contao Contao 4.3.0Contao ContaoContao Contao 4.5.0Contao Contao 4.6.0Contao Contao 4.7.0Contao Contao 4.8.0Contao Contao 4.10.0
7.2
CVSSv3
CVE-2021-37626
Contao is an open source CMS that allows you to create websites and scalable web applications. In affected versions it is possible to load PHP files by entering insert tags in the Contao back end. Installations are only affected if they have untrusted back end users who have the...
Contao Contao 4.0.0Contao Contao 4.1.0Contao Contao 4.2.0Contao Contao 4.3.0Contao ContaoContao Contao 4.5.0Contao Contao 4.6.0Contao Contao 4.7.0Contao Contao 4.8.0Contao Contao 4.10.0
NA
CVE-2012-1297
Multiple cross-site request forgery (CSRF) vulnerabilities in main.php in Contao (formerly TYPOlight) 2.11.0 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) delete users via a delete action in the user module, (2) delete...
Contao Contao Cms 2.10.0Contao Contao Cms 2.10.Contao Contao Cms 2.9.0Contao Contao Cms 2.8.0Contao Contao Cms 2.7.7Contao Contao Cms 2.7.0Contao Contao Cms 2.6.2Contao Contao Cms 2.6.1Contao Contao Cms 2.5.6Contao Contao Cms 2.5.5Contao Contao Cms 2.4.7Contao Contao Cms 2.4.6Contao Contao Cms 2.4.0Contao Contao Cms 2.3.4Contao Contao Cms 2.2.10Contao Contao Cms 2.2.9Contao Contao Cms 2.2.1Contao Contao Cms 2.2.0Contao Contao Cms 2.1.14Contao Contao Cms 2.1.13Contao Contao Cms 2.1.6Contao Contao Cms 2.1.5Contao Contao Cms 2.0Contao Contao CmsContao Contao Cms 2.9.5Contao Contao Cms 2.9.4Contao Contao Cms 2.8.4Contao Contao Cms 2.8.3Contao Contao Cms 2.7.6Contao Contao Cms 2.7.5Contao Contao Cms 2.6.8Contao Contao Cms 2.6.7Contao Contao Cms 2.6.0Contao Contao Cms 2.5.4Contao Contao Cms 2.5.3Contao Contao Cms 2.10.2Contao Contao Cms 2.10.1Contao Contao Cms 2.9.1Contao Contao Cms 2.7.2Contao Contao Cms 2.7.1Contao Contao Cms 2.6.4Contao Contao Cms 2.6.3Contao Contao Cms 2.5.8Contao Contao Cms 2.5.7Contao Contao Cms 2.5.0Contao Contao Cms 2.4.1Contao Contao Cms 2.2.12Contao Contao Cms 2.2.11Contao Contao Cms 2.2.3Contao Contao Cms 2.2.2Contao Contao Cms 2.1.16Contao Contao Cms 2.1.15Contao Contao Cms 2.1.8Contao Contao Cms 2.1.7Contao Contao Cms 2.4.5Contao Contao Cms 2.4.4Contao Contao Cms 2.3.3Contao Contao Cms 2.3.2Contao Contao Cms 2.2.8Contao Contao Cms 2.2.7Contao Contao Cms 2.2.6Contao Contao Cms 2.1.20Contao Contao Cms 2.1.19Contao Contao Cms 2.1.12Contao Contao Cms 2.1.11Contao Contao Cms 2.1.4Contao Contao Cms 2.1.3Contao Contao Cms 2.1.2Contao Contao Cms 2.10.4Contao Contao Cms 2.10.3Contao Contao Cms 2.9.3Contao Contao Cms 2.9.2Contao Contao Cms 2.8.2Contao Contao Cms 2.8.1Contao Contao Cms 2.7.4Contao Contao Cms 2.7.3Contao Contao Cms 2.6.6Contao Contao Cms 2.6.5Contao Contao Cms 2.5.9Contao Contao Cms 2.5.2Contao Contao Cms 2.5.1Contao Contao Cms 2.4.3Contao Contao Cms 2.4.2Contao Contao Cms 2.3.1Contao Contao Cms 2.3.0Contao Contao Cms 2.2.5Contao Contao Cms 2.2.4Contao Contao Cms 2.1.18Contao Contao Cms 2.1.17Contao Contao Cms 2.1.10Contao Contao Cms 2.1.9Contao Contao Cms 2.1.1Contao Contao Cms 2.1.0
6.1
CVSSv3
CVE-2018-10125
Contao before 4.5.7 has XSS in the system log....
Contao ContaoContao Contao 4.0.0Contao Contao 4.1.0Contao Contao 4.2.0Contao Contao 4.3.0
NA
CVE-2011-4335
Multiple cross-site scripting (XSS) vulnerabilities in Contao before 2.10.2 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php in a (1) teachers.html or (2) teachers/ action....
Contao Contao Cms 2.10.0Contao Contao Cms 2.9.0Contao Contao Cms 2.8.4Contao Contao Cms 2.7.7Contao Contao Cms 2.7.6Contao Contao Cms 2.7.0Contao Contao Cms 2.6.1Contao Contao Cms 2.6.0Contao Contao Cms 2.5.5Contao Contao Cms 2.5.4Contao Contao Cms 2.4.7Contao Contao Cms 2.4.6Contao Contao Cms 2.4.5Contao Contao Cms 2.3.4Contao Contao Cms 2.3.3Contao Contao Cms 2.2.9Contao Contao Cms 2.2.8Contao Contao Cms 2.2.1Contao Contao Cms 2.2.0Contao Contao Cms 2.1.22Contao Contao Cms 2.1.15Contao Contao Cms 2.1.14Contao Contao Cms 2.1.7Contao Contao Cms 2.1.6Contao Contao Cms 2.0Contao Contao Cms 2.9.3Contao Contao Cms 2.9.2Contao Contao Cms 2.9.1Contao Contao Cms 2.8.1Contao Contao Cms 2.8.0Contao Contao Cms 2.7.3Contao Contao Cms 2.7.2Contao Contao Cms 2.6.5Contao Contao Cms 2.6.4Contao Contao Cms 2.5.9Contao Contao Cms 2.5.8Contao Contao Cms 2.5.1Contao Contao Cms 2.5.0Contao Contao Cms 2.4.2Contao Contao Cms 2.4.1Contao Contao Cms 2.3.0Contao Contao Cms 2.2.12Contao Contao Cms 2.2.5Contao Contao Cms 2.2.4Contao Contao Cms 2.1.19Contao Contao Cms 2.1.18Contao Contao Cms 2.1.11Contao Contao Cms 2.1.10Contao Contao Cms 2.1.3Contao Contao Cms 2.1.2Contao Contao CmsContao Contao Cms 2.7.1Contao Contao Cms 2.6.3Contao Contao Cms 2.6.2Contao Contao Cms 2.5.7Contao Contao Cms 2.5.6Contao Contao Cms 2.4.0Contao Contao Cms 2.2.11Contao Contao Cms 2.2.10Contao Contao Cms 2.2.3Contao Contao Cms 2.2.2Contao Contao Cms 2.1.17Contao Contao Cms 2.1.16Contao Contao Cms 2.1.9Contao Contao Cms 2.1.8Contao Contao Cms 2.1.1Contao Contao Cms 2.1.0Contao Contao Cms 2.9.5Contao Contao Cms 2.9.4Contao Contao Cms 2.8.3Contao Contao Cms 2.8.2Contao Contao Cms 2.7.5Contao Contao Cms 2.7.4Contao Contao Cms 2.6.8Contao Contao Cms 2.6.7Contao Contao Cms 2.6.6Contao Contao Cms 2.5.3Contao Contao Cms 2.5.2Contao Contao Cms 2.4.4Contao Contao Cms 2.4.3Contao Contao Cms 2.3.2Contao Contao Cms 2.3.1Contao Contao Cms 2.2.7Contao Contao Cms 2.2.6Contao Contao Cms 2.1.21Contao Contao Cms 2.1.20Contao Contao Cms 2.1.13Contao Contao Cms 2.1.12Contao Contao Cms 2.1.5Contao Contao Cms 2.1.4
5.3
CVSSv3
CVE-2019-19714
Contao 4.8.4 and 4.8.5 has Improper Encoding or Escaping of Output. It is possible to inject insert tags into the login module which will be replaced when the page is rendered....
Contao Contao 4.8.4Contao Contao 4.8.5
6.1
CVSSv3
CVE-2021-35210
Contao 4.5.x through 4.9.x before 4.9.16, and 4.10.x through 4.11.x before 4.11.5, allows XSS. It is possible to inject code into the tl_log table that will be executed in the browser when the system log is called in the back end....
Contao Contao
8.8
CVSSv3
CVE-2012-4383
contao prior to 2.11.4 has a sql injection vulnerability...
Contao Contao
6.1
CVSSv3
CVE-2022-24899
Contao is a powerful open source CMS that allows you to create professional websites and scalable web applications. In versions of Contao prior to 4.13.3 it is possible to inject code into the canonical tag. As a workaround users may disable canonical tags in the root page...
Contao Contao
8.8
CVSSv3
CVE-2017-10993
Contao before 3.5.28 and 4.x before 4.4.1 allows remote attackers to include and execute arbitrary local PHP files via a crafted parameter in a URL, aka Directory Traversal....
Contao Contao Cms 4.3.1Contao Contao Cms 4.3.2Contao Contao Cms 4.3.3Contao Contao Cms 4.3.5Contao Contao Cms 4.2.0Contao Contao Cms 4.1.1Contao Contao CmsContao Contao Cms 4.3.10Contao Contao Cms 4.3.11Contao Contao Cms 4.3.0Contao Contao Cms 4.1.0Contao Contao Cms 4.0.1Contao Contao Cms 4.0.2Contao Contao Cms 4.0.3Contao Contao Cms 4.4.0Contao Contao Cms 4.3.6Contao Contao Cms 4.3.8Contao Contao Cms 4.2.2Contao Contao Cms 4.2.4Contao Contao Cms 4.1.3Contao Contao Cms 4.0.4Contao Contao Cms 4.0.0Contao Contao Cms 4.3.7Contao Contao Cms 4.3.9Contao Contao Cms 4.2.1Contao Contao Cms 4.2.3Contao Contao Cms 4.2.5Contao Contao Cms 4.1.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-31805dosCVE-2022-26727CVE-2022-26712CVE-2022-1529CVE-2022-20807template injectionCVE-2022-26690cross-site scripting
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook