Filtered by vendor Elefantcms
Subscribe
Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-20064 | 1 Elefantcms | 1 Elefant Cms | 2022-06-27 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability was found in Elefant CMS 1.3.12-RC. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /designer/add/layout. The manipulation leads to code injection. The attack can be launched remotely. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component. | |||||
| CVE-2017-20063 | 1 Elefantcms | 1 Elefant Cms | 2022-06-27 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability was found in Elefant CMS 1.3.12-RC. It has been classified as critical. Affected is an unknown function of the file /filemanager/upload/drop of the component File Upload. The manipulation leads to improper privilege management. It is possible to launch the attack remotely. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component. | |||||
| CVE-2017-20062 | 1 Elefantcms | 1 Elefant Cms | 2022-06-27 | 6.8 MEDIUM | 8.8 HIGH |
| A vulnerability was found in Elefant CMS 1.3.12-RC and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component. | |||||
| CVE-2018-16387 | 1 Elefantcms | 1 Elefantcms | 2018-10-25 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Elefant CMS before 2.0.5. There is a CSRF vulnerability that can add an account via user/add. | |||||