Silverstripe » Silverstripe : Security Vulnerabilities, CVEs, CVSS score >= 9
In SilverStripe through 4.3.3, a missing warning about leaving install.php in a public webroot can lead to unauthenticated admin access.
Max CVSS
9.8
EPSS Score
0.33%
Published
2019-09-25
Updated
2020-08-24
All versions of SilverStripe 3 prior to 3.6.7 and 3.7.3, and all versions of SilverStripe 4 prior to 4.0.7, 4.1.5, 4.2.4, and 4.3.1 allows Reflected SQL Injection through Form and DataObject.
Max CVSS
9.8
EPSS Score
0.15%
Published
2019-04-11
Updated
2019-04-12
Unspecified vulnerability in the search functionality in SilverStripe 2.0.0 has unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.58%
Published
2007-04-27
Updated
2017-07-29
3 vulnerabilities found