Identifier
|
Related Record |
Severity
|
Date Published
|
Description | Versions Affected |
---|---|---|---|---|---|
CVE-2022-36532 | High | Sep 16, 2022 | Bolt CMS contains a vulnerability in version 5.1.12 and below that allows an authenticated user with the ROLE_EDITOR privileges to upload and rename a more... |
3.7.5, 5.1.12, 5.1.11, 5.1.10, 5.1.9, 4.2.6, 5.1.7, 5.1.6, 5.1.5, 5.1.4
|
|
CVE-2022-31321 | BDSA-2022-2146 | Critical | Aug 01, 2022 | The foldername parameter in Bolt 5.1.7 was discovered to have incorrect input validation, allowing attackers to perform directory enumeration or cause more... |
3.7.5, 5.1.24, 5.1.23, 5.1.22, 5.1.21, 5.1.20, 5.1.19, 5.1.18, 5.1.17, 5.1.16
|
CVE-2021-40219 | BDSA-2022-1568 | High | Apr 11, 2022 | Bolt CMS <= 4.2 is vulnerable to Remote Code Execution. Unsafe theme rendering allows an authenticated attacker to edit theme to inject server-side tem more... |
3.7.5, 3.7.4.1, 4.2.0, 4.1.23, 4.1.22, 4.1.21.1, 4.1.21, 3.7.4, 3.7.3, 4.1.20
|
CVE-2021-27367 | BDSA-2021-0401 | High | Feb 17, 2021 | Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php in Bolt before 4.1.13 allow Directory Traversal. |
3.7.5, 3.7.4.1, 3.7.4, 3.7.3, 4.1.12, 4.1.11, 4.1.10, 4.1.9, 4.1.8, 4.1.7.1
|