Concrete CMS up to 8.5.5 Upload File server-side request forgery

A vulnerability has been found in Concrete CMS up to 8.5.5 (Content Management System) and classified as critical. Affected by this vulnerability is an unknown function of the component Upload File Handler. Upgrading to version 8.5.6 eliminates this vulnerability. The upgrade is hosted for download at documentation.concretecms.org.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-21683 : ATLASSIAN CONFLUENCE DATA CENTER UP TO 8.9.0 PRIVILEGE ESCALATION

CVE-2024-21683 : ATLASSIAN CONFLUENCE DATA CENTER UP TO 8.9.0 PRIVILEGE ESCALATION

Description This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server.

CVE-2024-3927 : ELEMENT PACK ELEMENTOR ADDONS PLUGIN UP TO 5.6.3 ON WORDPRESS ACCESS CONTROL

CVE-2024-3927 : ELEMENT PACK ELEMENTOR ADDONS PLUGIN UP TO 5.6.3 ON WORDPRESS ACCESS CONTROL

Description The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is

CVE-2024-36053 : LINUXMINT MINTUPLOAD UP TO 4.2.0 SERVICE OS COMMAND INJECTION

CVE-2024-36053 : LINUXMINT MINTUPLOAD UP TO 4.2.0 SERVICE OS COMMAND INJECTION

Description In the mintupload package through 4.2.0 for Linux Mint, service-name mishandling leads to command injection via shell metacharacters in