contao/core Security Advisories for 2.11.5 (3)
-
[MEDIUM] A directory traversal vulnerability allows back end users to view files outside their document root
PKSA-mygf-dtyk-5jmz CVE-2015-0269 GHSA-4r6g-xhx7-fm36
Affected version: >=2.0.0,<3.0.0|>=3.0.0,<3.4.4
Reported by:
FriendsOfPHP/security-advisories, GitHub -
Insufficient input validation allows for code injection and remote execution
Affected version: >=2.0.0,<2.11.17|>=3.0.0,<3.2.9
Reported by:
FriendsOfPHP/security-advisories -
PHP object injection vulnerability allows for arbitrary code execution
Affected version: >=2.0.0,<2.11.16|>=3.0.0,<3.2.7
Reported by:
FriendsOfPHP/security-advisories