Security Advisories - contao/contao

contao/contao Security Advisories (18)

[HIGH] Directory traversal vulnerability in the file manager

PKSA-3m2g-ygwq-rxnz CVE-2023-29200 GHSA-fp7q-xhhw-6rj3

Affected version: >=4.9.0,<4.9.40|>=4.13.0,<4.13.21|>=5.1.0,<5.1.4

Reported by:
FriendsOfPHP/security-advisories, GitHub
[MEDIUM] Contao Information Disclosure via Access Control Flaws

PKSA-ppsr-zcrm-r241 CVE-2018-20028 GHSA-q99w-j4mj-7hj8

Affected version: >=4.4.0,<4.4.31|>=4.6.0,<4.6.11|>=3.0.0,<3.5.37

Reported by:
GitHub
[HIGH] Cross site scripting via canonical URL

PKSA-jgdm-q1xh-kwnj CVE-2022-24899 GHSA-m8x6-6r63-qvj2

Affected version: >=4.13.0,<4.13.3

Reported by:
FriendsOfPHP/security-advisories, GitHub
[HIGH] Privilege escalation with the form generator

PKSA-vfyp-1pdz-qxfn CVE-2021-37627 GHSA-hq5m-mqmx-fw6m

Affected version: >=4.0.0,<4.4.56|>=4.5.0,<4.6.0|>=4.6.0,<4.7.0|>=4.7.0,<4.8.0|>=4.8.0,<4.9.0|>=4.9.0,<4.9.18|>=4.10.0,<4.11.0|>=4.11.0,<4.11.7

Reported by:
FriendsOfPHP/security-advisories, GitHub
[MEDIUM] PHP file inclusion via insert tags

PKSA-33hj-wh6g-5wzq CVE-2021-37626 GHSA-r6mv-ppjc-4hgr

Affected version: >=4.0.0,<4.4.56|>=4.5.0,<4.6.0|>=4.6.0,<4.7.0|>=4.7.0,<4.8.0|>=4.8.0,<4.9.0|>=4.9.0,<4.9.18|>=4.10.0,<4.11.0|>=4.11.0,<4.11.7

Reported by:
FriendsOfPHP/security-advisories, GitHub
[MEDIUM] Cross site scripting via HTML attributes in the back end

PKSA-rc7z-49pc-5drp CVE-2021-35955 GHSA-hr3h-x6gq-rqcp

Affected version: >=4.0.0,<4.4.56|>=4.5.0,<4.6.0|>=4.6.0,<4.7.0|>=4.7.0,<4.8.0|>=4.8.0,<4.9.0|>=4.9.0,<4.9.18|>=4.10.0,<4.11.0|>=4.11.0,<4.11.7

Reported by:
FriendsOfPHP/security-advisories, GitHub
[MEDIUM] Cross-site scripting (XSS) vulnerability in the system log

PKSA-vwzw-wjqk-61c9 CVE-2021-35210 GHSA-h58v-c6rf-g9f7

Affected version: >=4.5.0,<4.9.16|>=4.10.0,<4.11.0|>=4.11.0,<4.11.5

Reported by:
FriendsOfPHP/security-advisories, GitHub
[MEDIUM] Insert tag injection in front end forms

PKSA-1cjk-ccfw-jwsc CVE-2020-25768 GHSA-f7wm-x4gw-6m23

Affected version: >=4.0.0,<4.4.52|>=4.5.0,<4.6.0|>=4.6.0,<4.7.0|>=4.7.0,<4.8.0|>=4.8.0,<4.9.0|>=4.9.0,<4.9.6|>=4.10.0,<4.10.1

Reported by:
FriendsOfPHP/security-advisories, GitHub
[MEDIUM] Insert tag injection in the login module

PKSA-jvc9-sf8h-c99f CVE-2019-19714 GHSA-jc43-qrrp-98f5

Affected version: >=4.8.4,<4.8.6

Reported by:
FriendsOfPHP/security-advisories, GitHub
[HIGH] Unrestricted file uploads

PKSA-7m3q-k7b1-ks8c CVE-2019-19745 GHSA-wjx8-cgrm-hh8p

Affected version: >=4.0.0,<4.4.46|>=4.5.0,<4.6.0|>=4.6.0,<4.7.0|>=4.7.0,<4.8.0|>=4.8.0,<4.8.6

Reported by:
FriendsOfPHP/security-advisories, GitHub
[MEDIUM] Information disclosure in the back end

PKSA-s9yr-nm3n-mqqp CVE-2019-19712 GHSA-4mvc-qc5w-v5qr

Affected version: >=4.0.0,<4.4.46|>=4.5.0,<4.6.0|>=4.6.0,<4.7.0|>=4.7.0,<4.8.0|>=4.8.0,<4.8.6

Reported by:
FriendsOfPHP/security-advisories, GitHub
[CRITICAL] SQL injection vulnerabililty in the file manager search filter

PKSA-h4n4-9jqf-3fj5 CVE-2019-11512 GHSA-vq59-x6mq-4wgw

Affected version: >=4.1.0,<4.4.39|>=4.5.0,<4.6.0|>=4.6.0,<4.7.0|>=4.7.0,<4.7.5

Reported by:
FriendsOfPHP/security-advisories, GitHub
[CRITICAL] Confirming an opt-in token does not invalidate previous opt-in tokens

PKSA-ypgr-2z5b-9d8t CVE-2019-10643 GHSA-j99g-qjvx-995g

Affected version: >=4.7.0,<4.7.3

Reported by:
FriendsOfPHP/security-advisories, GitHub
[HIGH] The CSRF token check can be bypassed

PKSA-xsgh-4hdw-ng5b CVE-2019-10642 GHSA-hwmh-9jj9-8c9c

Affected version: >=4.7.0,<4.7.3

Reported by:
FriendsOfPHP/security-advisories, GitHub
[CRITICAL] Existing sessions are not correctly invalidated when a user changes their password

PKSA-4b38-qncw-d1nq CVE-2019-10641 GHSA-vcgg-hp4r-87gx

Affected version: >=4.0.0,<4.4.37|>=4.5.0,<4.6.0|>=4.6.0,<4.7.0|>=4.7.0,<4.7.3

Reported by:
FriendsOfPHP/security-advisories, GitHub
[MEDIUM] Cross-site scripting (XSS) vulnerability in the system log of the back end

PKSA-2h4f-gdkd-838y CVE-2018-10125 GHSA-pj4j-287j-f742

Affected version: >=4.0.0,<4.4.18|>=4.5.0,<4.5.8

Reported by:
FriendsOfPHP/security-advisories, GitHub
[CRITICAL] SQL injection vulnerabililty in the back end search filter

PKSA-3ht4-zh3b-rbx1 CVE-2017-16558 GHSA-w38g-hj45-mjjp

Affected version: >=4.0.0,<4.4.8

Reported by:
FriendsOfPHP/security-advisories, GitHub
[HIGH] A logged in back end user can include arbitrary existing PHP files by manipulating an URL parameter

PKSA-rf51-q4qs-nf3n CVE-2017-10993 GHSA-x5g4-crxq-qxjx

Affected version: >=4.0.0,<4.4.1

Reported by:
FriendsOfPHP/security-advisories, GitHub

contao/contao Security Advisories (18)

[HIGH] Directory traversal vulnerability in the file manager

[MEDIUM] Contao Information Disclosure via Access Control Flaws

[HIGH] Cross site scripting via canonical URL

[HIGH] Privilege escalation with the form generator

[MEDIUM] PHP file inclusion via insert tags

[MEDIUM] Cross site scripting via HTML attributes in the back end

[MEDIUM] Cross-site scripting (XSS) vulnerability in the system log

[MEDIUM] Insert tag injection in front end forms

[MEDIUM] Insert tag injection in the login module

[HIGH] Unrestricted file uploads

[MEDIUM] Information disclosure in the back end

[CRITICAL] SQL injection vulnerabililty in the file manager search filter

[CRITICAL] Confirming an opt-in token does not invalidate previous opt-in tokens

[HIGH] The CSRF token check can be bypassed

[CRITICAL] Existing sessions are not correctly invalidated when a user changes their password

[MEDIUM] Cross-site scripting (XSS) vulnerability in the system log of the back end

[CRITICAL] SQL injection vulnerabililty in the back end search filter

[HIGH] A logged in back end user can include arbitrary existing PHP files by manipulating an URL parameter