Octobercms October vulnerabilities

CVE-2023-43876 [MEDIUM] CWE-79 CVE-2023-43876: A Cross-Site Scripting (XSS) vulnerability in installation of October v.3.4.16 allows an attacker to A Cross-Site Scripting (XSS) vulnerability in installation of October v.3.4.16 allows an attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost field.

CVE-2023-37692 [MEDIUM] CWE-79 CVE-2023-37692: An arbitrary file upload vulnerability in October CMS v3.4.4 allows attackers to execute arbitrary c An arbitrary file upload vulnerability in October CMS v3.4.4 allows attackers to execute arbitrary code via a crafted file.

CVE-2022-35944 [HIGH] CWE-94 CVE-2022-35944: October is a self-hosted Content Management System (CMS) platform based on the Laravel PHP Framework October is a self-hosted Content Management System (CMS) platform based on the Laravel PHP Framework. This vulnerability only affects installations that rely on the safe mode restriction, commonly used when providing public access to the admin panel. Assuming an attacker has access to the admin panel and permission to open the "Editor" section, they ca

CVE-2022-24800 [HIGH] CWE-362 CVE-2022-24800: October/System is the system module for October CMS, a self-hosted CMS platform based on the Laravel October/System is the system module for October CMS, a self-hosted CMS platform based on the Laravel PHP Framework. Prior to versions 1.0.476, 1.1.12, and 2.2.15, when the developer allows the user to specify their own filename in the `fromData` method, an unauthenticated user can perform remote code execution (RCE) by exploiting a race condition in t

CVE-2022-23655 [MEDIUM] CWE-347 CVE-2022-23655: Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. Affected versions of Oc Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. Affected versions of OctoberCMS did not validate gateway server signatures. As a result non-authoritative gateway servers may be used to exfiltrate user private keys. Users are advised to upgrade their installations to build 474 or v1.1.10. The only known workaround is to m

CVE-2022-21705 [HIGH] CWE-74 CVE-2022-21705: Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. In affected versions us Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. In affected versions user input was not properly sanitized before rendering. An authenticated user with the permissions to create, modify and delete website pages can exploit this vulnerability to bypass `cms.safe_mode` / `cms.enableSafeMode` in order to execute arbitrary code

CVE-2021-32649 [HIGH] CWE-74 CVE-2021-32649: October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Frame October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with "create, modify and delete website pages" privileges in the backend is able to execute PHP code by running specially crafted Twig code in the template markup. The issue has been patched in Build

CVE-2021-32650 [HIGH] CWE-74 CVE-2021-32650: October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Frame October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with access to the backend is able to execute PHP code by using the theme import feature. This will bypass the safe mode feature that prevents PHP execution in the CMS templates.The issue has been pa

CVE-2021-41126 [HIGH] CWE-287 CVE-2021-41126: October is a Content Management System (CMS) and web platform built on the the Laravel PHP Framework October is a Content Management System (CMS) and web platform built on the the Laravel PHP Framework. In affected versions administrator accounts which had previously been deleted may still be able to sign in to the backend using October CMS v2.0. The issue has been patched in v2.1.12 of the october/october package. There are no workarounds for this i

CVE-2021-32648 [CRITICAL] CWE-287 CVE-2021-32648: octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request. The issue has been patched in Build 472 and v1.1.5.

CVE-2021-29487 [HIGH] CWE-287 CVE-2021-29487: octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can exploit this vulnerability to bypass authentication and takeover of and user account on an October CMS server. The vulnerability is exploitable by unauthenticated users via a specially crafted request. This only affects f

CVE-2021-21264 [MEDIUM] CVE-2021-21264: October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. A bypas October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. A bypass of CVE-2020-26231 (fixed in 1.0.470/471 and 1.1.1) was discovered that has the same impact as CVE-2020-26231 & CVE-2020-15247. An authenticated backend user with the `cms.manage_pages`, `cms.manage_layouts`, or `cms.manage_partials` permissions who would **

CVE-2021-21265 [HIGH] CWE-644 CVE-2021-21265: October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In Octo October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October before version 1.1.2, when running on poorly configured servers (i.e. the server routes any request, regardless of the HOST header to an October CMS instance) the potential exists for Host Header Poisoning attacks to succeed. This has been addressed

CVE-2021-3311 [CRITICAL] CWE-613 CVE-2021-3311: An issue was discovered in October through build 471. It reactivates an old session ID (which had be An issue was discovered in October through build 471. It reactivates an old session ID (which had been invalid after a logout) once a new login occurs. NOTE: this violates the intended Auth/Manager.php authentication behavior but, admittedly, is only relevant if an old session ID is known to an attacker.

CVE-2020-15246 [HIGH] CWE-863 CVE-2020-15246: October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In Octo October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.421 and before version 1.0.469, an attacker can read local files on an October CMS server via a specially crafted request. Issue has been patched in Build 469 (v1.0.469) and v1.1.0.

CVE-2020-15247 [MEDIUM] CWE-862 CVE-2020-15247: October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In Octo October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.469, an authenticated backend user with the cms.manage_pages, cms.manage_layouts, or cms.manage_partials permissions who would normally not be permitted to provide PHP code to be executed by the CMS

CVE-2020-26231 [MEDIUM] CVE-2020-26231: October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. A bypas October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. A bypass of CVE-2020-15247 (fixed in 1.0.469 and 1.1.0) was discovered that has the same impact as CVE-2020-15247. An authenticated backend user with the cms.manage_pages, cms.manage_layouts, or cms.manage_partials permissions who would normally not be permitted to

CVE-2020-15248 [MEDIUM] CWE-863 CVE-2020-15248: October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In Octo October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.470, backend users with the default "Publisher" system role have access to create & manage users where they can choose which role the new user has. This means that a user with "Publisher" access has

CVE-2020-15249 [MEDIUM] CWE-79 CVE-2020-15249: October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In Octo October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.469, backend users with access to upload files were permitted to upload SVG files without any sanitization applied to the uploaded files. Since SVG files support being parsed as HTML by browsers, this

CVE-2020-15128 [MEDIUM] CWE-565 CVE-2020-15128: In OctoberCMS before version 1.0.468, encrypted cookie values were not tied to the name of the cooki In OctoberCMS before version 1.0.468, encrypted cookie values were not tied to the name of the cookie the value belonged to. This meant that certain classes of attacks that took advantage of other theoretical vulnerabilities in user facing code (nothing exploitable in the core project itself) had a higher chance of succeeding. Specifically, if your