Concrete5 CVE - OpenCVE

Filtered by vendor Concrete5 Subscribe

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-13790	1 Concrete5	1 Concrete5	2021-03-31	6.5 MEDIUM	7.2 HIGH
A Server Side Request Forgery (SSRF) vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on the local network and mapping of the internal network, because of URL functionality on the File Manager page.
CVE-2015-4724	1 Concrete5	1 Concrete5	2017-09-13	6.5 MEDIUM	8.8 HIGH
SQL injection vulnerability in Concrete5 5.7.3.1.

Vulnerabilities (CVE)