Summary
Detail | |||
---|---|---|---|
Vendor | Boltcms | First view | 2019-04-05 |
Product | Bolt | Last view | 2022-08-01 |
Version | 3.6.6 | Type | Application |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:boltcms:bolt |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
9.1 | 2022-08-01 | CVE-2022-31321 | The foldername parameter in Bolt 5.1.7 was discovered to have incorrect input validation, allowing attackers to perform directory enumeration or cause a Denial of Service (DoS) via a crafted input. |
8.8 | 2022-04-11 | CVE-2021-40219 | Bolt CMS <= 4.2 is vulnerable to Remote Code Execution. Unsafe theme rendering allows an authenticated attacker to edit theme to inject server-side template injection that leads to remote code execution. |
7.5 | 2021-02-17 | CVE-2021-27367 | Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php in Bolt before 4.1.13 allow Directory Traversal. |
5.3 | 2020-12-30 | CVE-2020-28925 | Bolt before 3.7.2 does not restrict filter options in a Request in the Twig context, and is therefore inconsistent with the "How to Harden Your PHP for Better Security" guidance. |
6.1 | 2020-06-08 | CVE-2020-4041 | In Bolt CMS before version 3.7.1, the filename of uploaded files was vulnerable to stored XSS. It is not possible to inject javascript code in the file name when creating/uploading the file. But, once created/uploaded, it can be renamed to inject the payload in it. Additionally, the measures to prevent renaming the file to disallowed filename extensions could be circumvented. This is fixed in Bolt 3.7.1. |
4.3 | 2020-06-08 | CVE-2020-4040 | Bolt CMS before version 3.7.1 lacked CSRF protection in the preview generating endpoint. Previews are intended to be generated by the admins, developers, chief-editors, and editors, who are authorized to create content in the application. But due to lack of proper CSRF protection, unauthorized users could generate a preview. This has been fixed in Bolt 3.7.1 |
6.1 | 2019-08-23 | CVE-2019-15485 | Bolt before 3.6.10 has XSS via createFolder or createFile in Controller/Async/FilesystemManager.php. |
6.1 | 2019-08-23 | CVE-2019-15484 | Bolt before 3.6.10 has XSS via an image's alt or title field. |
6.1 | 2019-08-23 | CVE-2019-15483 | Bolt before 3.6.10 has XSS via a title that is mishandled in the system log. |
8.8 | 2019-04-05 | CVE-2019-10874 | Cross Site Request Forgery (CSRF) in the bolt/upload File Upload feature in Bolt CMS 3.6.6 allows remote attackers to execute arbitrary code by uploading a JavaScript file to include executable extensions in the file/edit/config/config.yml configuration file. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
44% (4) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
22% (2) | CWE-352 | Cross-Site Request Forgery (CSRF) |
11% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
11% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
11% (1) | CWE-20 | Improper Input Validation |