A vulnerability was found in concrete5-legacy up to 5.6.4.0. It has been classified as problematic. Affected is some unknown functionality of the file concrete/elements/collection_add.php of the component Parameter Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
concrete5-legacy up to 5.6.4.0 Parameter collection_add.php mode cross site scripting
- Virtual Patching
- October 2, 2021
- 10:07 am
Contact us to get started
CVE-2023-2825 : GITLAB COMMUNITY EDITION/ENTERPRISE EDITION 16.0.0 PUBLIC PROJECT PATH TRAVERSAL
Description An issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a
CVE-2023-2851 : AGT TECH CEPPATRON SQL INJECTION
Description Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in AGT Tech Ceppatron allows Command
CVE-2023-2868 : BARRACUDA EMAIL SECURITY GATEWAY UP TO 9.2.0.006 TAR FILE COMMAND INJECTION
Description A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions