 |
VOOZH | about |
|
VOOZH | about |
Concrete core subtree split
98%
Total Score
95
100
100
| Title | Versions | Severity |
|---|---|---|
CVE-2022-21829 concrete5/core is vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in versions 9.0.0 - 9.1.0 and 0.0.0 - 8.5.8. | 0.0.0 - 8.5.89.0.0 - 9.1.0 | High |
CVE-2022-30120 concrete5/core is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in versions 9.0.0 - 9.1.0 and 0.0.0 - 8.5.8. | 0.0.0 - 8.5.89.0.0 - 9.1.0 | Low |
CVE-2022-30117 concrete5/core is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in versions 9.0.0 - 9.1.0 and 0.0.0 - 8.5.8. | 0.0.0 - 8.5.89.0.0 - 9.1.0 | Critical |
CVE-2021-22968 concrete5/core is vulnerable to Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') in versions 0.0.0 - 8.5.7. | 0.0.0 - 8.5.7 | High |
CVE-2021-22970 concrete5/core is vulnerable to Server-Side Request Forgery (SSRF) in versions 0.0.0 - 8.5.7. | 0.0.0 - 8.5.7 | High |
No maintainer information available.
98%
Total Score
95
100
100
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.
