Silverstripe - Silverstripe CVE

Filtered by vendor Silverstripe Subscribe

Filtered by product Silverstripe

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-12204	1 Silverstripe	1 Silverstripe	2020-08-24	7.5 HIGH	9.8 CRITICAL
In SilverStripe through 4.3.3, a missing warning about leaving install.php in a public webroot can lead to unauthenticated admin access.
CVE-2019-5715	1 Silverstripe	1 Silverstripe	2019-04-12	7.5 HIGH	9.8 CRITICAL
All versions of SilverStripe 3 prior to 3.6.7 and 3.7.3, and all versions of SilverStripe 4 prior to 4.0.7, 4.1.5, 4.2.4, and 4.3.1 allows Reflected SQL Injection through Form and DataObject.

Vulnerabilities (CVE)