cbcvebase.

Octobercms October vulnerabilities

58 known vulnerabilities affecting octobercms/october.

Total CVEs
58
CISA KEV
1
actively exploited
Public exploits
7
Exploited in wild
1
Severity breakdown
CRITICAL6HIGH14MEDIUM35LOW3

Vulnerabilities

Page 1 of 3
CVE-2021-32648P1CRITICALCVSS 9.1KEVPoC≥ 1.1.1, < 1.1.5v1.0.471+2 more2021-08-26
CVE-2021-32648 [CRITICAL] CWE-287 CVE-2021-32648: octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request. The issue has been patched in Build 472 and v1.1.5.
nvd
CVE-2017-1000119P2HIGHCVSS 7.2PoCv1.0.4122017-10-05
CVE-2017-1000119 [HIGH] CWE-434 CVE-2017-1000119: October CMS build 412 is vulnerable to PHP code execution in the file upload functionality resulting October CMS build 412 is vulnerable to PHP code execution in the file upload functionality resulting in site compromise and possibly other applications on the server.
nvd
CVE-2022-21705P3HIGHCVSS 7.2PoCfixed in 1.0.474≥ 1.1.0, < 1.1.10+3 more2022-02-23
CVE-2022-21705 [HIGH] CWE-74 CVE-2022-21705: Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. In affected versions us Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. In affected versions user input was not properly sanitized before rendering. An authenticated user with the permissions to create, modify and delete website pages can exploit this vulnerability to bypass `cms.safe_mode` / `cms.enableSafeMode` in order to execute arbitrary code
nvd
CVE-2017-16244P3HIGHCVSS 8.8PoCv1.0.4262017-11-01
CVE-2017-16244 [HIGH] CWE-352 CVE-2017-16244: Cross-Site Request Forgery exists in OctoberCMS 1.0.426 (aka Build 426) due to improper validation o Cross-Site Request Forgery exists in OctoberCMS 1.0.426 (aka Build 426) due to improper validation of CSRF tokens for postback handling, allowing an attacker to successfully take over the victim's account. The attack bypasses a protection mechanism involving X-CSRF headers and CSRF tokens via a certain _handler postback variable.
nvd
CVE-2020-5295P3MEDIUMCVSS 4.9PoC≥ 1.0.319, < 1.0.466v>= 1.0.319, < 1.0.4662020-06-03
CVE-2020-5295 [MEDIUM] CWE-98 CVE-2020-5295: In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attack In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to read local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the `cms.manage_assets` permission. Issue has been patched in Build 466 (v1.0.466).
nvd
CVE-2021-32650P3HIGHCVSS 8.8v1.0.472v1.1.5+2 more2022-01-14
CVE-2021-32650 [HIGH] CWE-74 CVE-2021-32650: October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Frame October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with access to the backend is able to execute PHP code by using the theme import feature. This will bypass the safe mode feature that prevents PHP execution in the CMS templates.The issue has been pa
nvd
CVE-2018-7198P4MEDIUMCVSS 6.1PoC≤ 1.0.4312018-02-18
CVE-2018-7198 [MEDIUM] CWE-79 CVE-2018-7198: October CMS through 1.0.431 allows XSS by entering HTML on the Add Posts page. October CMS through 1.0.431 allows XSS by entering HTML on the Add Posts page.
nvd
CVE-2017-15284P4MEDIUMCVSS 5.4PoCv1.0.4252017-10-12
CVE-2017-15284 [MEDIUM] CWE-79 CVE-2017-15284: Cross-Site Scripting exists in OctoberCMS 1.0.425 (aka Build 425), allowing a least privileged user Cross-Site Scripting exists in OctoberCMS 1.0.425 (aka Build 425), allowing a least privileged user to upload an SVG file containing malicious code as the Avatar for the profile. When this is opened by the Admin, it causes JavaScript execution in the context of the Admin account.
nvd
CVE-2017-1000196P3CRITICALCVSS 9.8≤ 1.0.4122017-11-17
CVE-2017-1000196 [CRITICAL] CWE-94 CVE-2017-1000196: October CMS build 412 is vulnerable to PHP code execution in the asset manager functionality resulti October CMS build 412 is vulnerable to PHP code execution in the asset manager functionality resulting in site compromise and possibly other applications on the server.
nvd
CVE-2017-16941P3HIGHCVSS 8.8≤ 1.0.4282017-11-25
CVE-2017-16941 [HIGH] CWE-434 CVE-2017-16941: October CMS through 1.0.428 does not prevent use of .htaccess in themes, which allows remote authent October CMS through 1.0.428 does not prevent use of .htaccess in themes, which allows remote authenticated users to execute arbitrary PHP code by downloading a theme ZIP archive from /backend/cms/themes, and then uploading and importing a modified archive with two new files: a .php file and a .htaccess file. NOTE: the vendor says "I don't think [an at
nvd
CVE-2021-32649P3HIGHCVSS 8.8fixed in 1.0.473≥ 1.1.0, < 1.1.6+1 more2022-01-14
CVE-2021-32649 [HIGH] CWE-74 CVE-2021-32649: October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Frame October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with "create, modify and delete website pages" privileges in the backend is able to execute PHP code by running specially crafted Twig code in the template markup. The issue has been patched in Build
nvd
CVE-2021-3311P3CRITICALCVSS 9.8≤ 1.0.4712021-02-05
CVE-2021-3311 [CRITICAL] CWE-613 CVE-2021-3311: An issue was discovered in October through build 471. It reactivates an old session ID (which had be An issue was discovered in October through build 471. It reactivates an old session ID (which had been invalid after a logout) once a new login occurs. NOTE: this violates the intended Auth/Manager.php authentication behavior but, admittedly, is only relevant if an old session ID is known to an attacker.
nvd
CVE-2022-24800P3HIGHCVSS 8.1fixed in 1.0.476≥ 1.1.0, < 1.1.12+3 more2022-07-12
CVE-2022-24800 [HIGH] CWE-362 CVE-2022-24800: October/System is the system module for October CMS, a self-hosted CMS platform based on the Laravel October/System is the system module for October CMS, a self-hosted CMS platform based on the Laravel PHP Framework. Prior to versions 1.0.476, 1.1.12, and 2.2.15, when the developer allows the user to specify their own filename in the `fromData` method, an unauthenticated user can perform remote code execution (RCE) by exploiting a race condition in t
nvd
CVE-2023-44382P3CRITICALCVSS 9.1≥ 3.0.0, < 3.4.15v>= 3.0.0, < 3.4.152023-12-01
CVE-2023-44382 [CRITICAL] CWE-94 CVE-2023-44382: October is a Content Management System (CMS) and web platform to assist with development workflow. A October is a Content Management System (CMS) and web platform to assist with development workflow. An authenticated backend user with the `editor.cms_pages`, `editor.cms_layouts`, or `editor.cms_partials` permissions who would normally not be permitted to provide PHP code to be executed by the CMS due to `cms.safe_mode` being enabled can write spec
nvd
CVE-2017-1000194P3CRITICALCVSS 9.8≤ 1.0.4122017-11-17
CVE-2017-1000194 [CRITICAL] CWE-434 CVE-2017-1000194: October CMS build 412 is vulnerable to Apache configuration modification via file upload functionali October CMS build 412 is vulnerable to Apache configuration modification via file upload functionality resulting in site compromise and possibly other applications on the server.
nvd
CVE-2021-29487P3HIGHCVSS 7.4≥ 1.0.471, < 1.0.472≥ 1.1.1, < 1.1.5+2 more2021-08-26
CVE-2021-29487 [HIGH] CWE-287 CVE-2021-29487: octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can exploit this vulnerability to bypass authentication and takeover of and user account on an October CMS server. The vulnerability is exploitable by unauthenticated users via a specially crafted request. This only affects f
nvd
CVE-2017-1000197P3CRITICALCVSS 9.8≤ 1.0.4122017-11-17
CVE-2017-1000197 [CRITICAL] CWE-417 CVE-2017-1000197: October CMS build 412 is vulnerable to file path modification in asset move functionality resulting October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating creating malicious files on the server.
nvd
CVE-2020-15246P3HIGHCVSS 7.5≥ 1.0.421, < 1.0.469v>= 1.0.421, < 1.0.4692020-11-23
CVE-2020-15246 [HIGH] CWE-863 CVE-2020-15246: October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In Octo October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.421 and before version 1.0.469, an attacker can read local files on an October CMS server via a specially crafted request. Issue has been patched in Build 469 (v1.0.469) and v1.1.0.
nvd
CVE-2022-35944P3HIGHCVSS 7.2fixed in 2.2.34≥ 3.0.00, < 3.0.66+1 more2022-10-13
CVE-2022-35944 [HIGH] CWE-94 CVE-2022-35944: October is a self-hosted Content Management System (CMS) platform based on the Laravel PHP Framework October is a self-hosted Content Management System (CMS) platform based on the Laravel PHP Framework. This vulnerability only affects installations that rely on the safe mode restriction, commonly used when providing public access to the admin panel. Assuming an attacker has access to the admin panel and permission to open the "Editor" section, they ca
nvd
CVE-2021-21265P3HIGHCVSS 7.5fixed in 1.1.22021-03-10
CVE-2021-21265 [HIGH] CWE-644 CVE-2021-21265: October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In Octo October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October before version 1.1.2, when running on poorly configured servers (i.e. the server routes any request, regardless of the HOST header to an October CMS instance) the potential exists for Host Header Poisoning attacks to succeed. This has been addressed
nvd
Octobercms October vulnerabilities | cvebase