Contao » Contao Cms : Security Vulnerabilities, CVEs, Published In 2017 (Directory traversal)

CVE-2017-10993

Contao before 3.5.28 and 4.x before 4.4.1 allows remote attackers to include and execute arbitrary local PHP files via a crafted parameter in a URL, aka Directory Traversal.
Max CVSS
8.8
EPSS Score
0.32%
Published
2017-07-21
Updated
2019-10-03

CVE-2015-0269

Directory traversal vulnerability in Contao before 3.2.19, and 3.4.x before 3.4.4 allows remote authenticated "back end" users to view files outside their file mounts or the document root via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.16%
Published
2017-05-26
Updated
2017-06-08
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close