Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

PHP Framework

silverstripeCMS

Silverstripe CMS is the intuitive open-source content management system and flexible framework loved by editors and developers alike.

Official Site:

https://www.silverstripe.org/

Severity Summary:

Critical: 3 High: 6 Medium: 52 Low: 3
Reference
Title
Severity
CVE-2019-5715
silverstripeCMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Critical
CVE-2007-2321
silverstripeCMS Other Vulnerability
Critical
CVE-2019-12204
silverstripeCMS Vulnerability
Critical
CVE-2008-6753
silverstripeCMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2011-4960
silverstripeCMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2009-1433
silverstripeCMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2019-12437
silverstripeCMS Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2020-6164
silverstripeCMS Vulnerability
High
CVE-2020-9280
silverstripeCMS Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2022-37421
silverstripeCMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-9311
silverstripeCMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2022-28803
silverstripeCMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-28661
silverstripeCMS Incorrect Authorization Vulnerability
Medium
CVE-2021-36150
silverstripeCMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-41559
silverstripeCMS Improper Restriction of Recursive Entity References in DTDs (XML Entity Expansion) Vulnerability
Medium
CVE-2022-24444
silverstripeCMS Session Fixation Vulnerability
Medium
CVE-2020-6165
silverstripeCMS Incorrect Default Permissions Vulnerability
Medium
CVE-2020-26136
silverstripeCMS Improper Authentication Vulnerability
Medium
CVE-2020-26138
silverstripeCMS Improper Input Validation Vulnerability
Medium
CVE-2013-2653
silverstripeCMS Improper Input Validation Vulnerability
Medium
CVE-2020-25817
silverstripeCMS Improper Restriction of XML External Entity Reference Vulnerability
Medium
CVE-2019-19326
silverstripeCMS Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) Vulnerability
Medium
CVE-2019-19325
silverstripeCMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-16409
silverstripeCMS Vulnerability
Medium
CVE-2019-14273
silverstripeCMS Files or Directories Accessible to External Parties Vulnerability
Medium
CVE-2019-14272
silverstripeCMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-12246
silverstripeCMS Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CVE-2019-12245
silverstripeCMS Incorrect Permission Assignment for Critical Resource Vulnerability
Medium
CVE-2019-12205
silverstripeCMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-12203
silverstripeCMS Session Fixation Vulnerability
Medium