contao Summary
Latest vulnerabilities published by contao
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Improper Permission Management in Contao Open Source CMS
CVE-2025-57759ContaoContao4.3MEDIUMImproper Access Control in Contao Open Source CMS
CVE-2025-57758ContaoContao4.3MEDIUMInformation Disclosure Vulnerability in Contao CMS
CVE-2025-57757ContaoContao5.3MEDIUMInformation Disclosure in Contao Open Source CMS
CVE-2025-57756ContaoContao5.3MEDIUMCross-Site Scripting Vulnerability in Contao CMS
CVE-2025-29790ContaoContao4.8MEDIUMContao 5.4.1 Vulnerability Allows for Malicious Code Execution via SVG File Upload
CVE-2024-45965ContaoContao6.4MEDIUMRemote Command Execution Vulnerability in Contao CMS
CVE-2024-45398ContaoContao8.8HIGHDirectory Traversal Vulnerability in Contao Open Source CMS
CVE-2024-45604ContaoContao4.3MEDIUMInsert Tag Injection Vulnerability in Contao CMS
CVE-2024-45612ContaoContao5.3MEDIUMContao's remember-me tokens will not be cleared after a password change
CVE-2024-30262ContaoContao7.1HIGHContao Sends Cookie Header to External Urls in Protected Pages, Patch Available
CVE-2024-28235ContaoContao6.5MEDIUMCSS Injection Vulnerability Affects Contao CMS Versions
CVE-2024-28234ContaoContao4.7MEDIUMContao Vulnerability: Injection Attacks Possible in Certain Versions
CVE-2024-28191ContaoContao5.4MEDIUMMalicious Code Injection Vulnerability Affects Contao CMS
CVE-2024-28190ContaoContao5.4MEDIUMCross-Site Scripting Vulnerability in Contao Newsletter Extension
CVE-2018-5478ContaoContao6.1MEDIUMContao cross site scripting vulnerability via input unit widget
CVE-2023-36806ContaoContao6.5MEDIUMcontao/core-bundle has path traversal vulnerability in the file manager
CVE-2023-29200ContaoContao4.3MEDIUMCross site scripting via canonical tag
CVE-2022-24899ContaoContaoEPSS 53%7.2HIGHRemote Command Execution Vulnerability in Contao Managed Edition by Contao
CVE-2022-26265ContaoContaoπΎπ‘EPSS 80%9.8CRITICALCross-Site Scripting Vulnerability in Contao Web Application
CVE-2021-35955ContaoContao4.8MEDIUMPHP file inclusion via insert tags
CVE-2021-37626ContaoContao7.2HIGHPrivilege escalation via form generator
CVE-2021-37627ContaoContao8HIGHCross-Site Scripting Vulnerability in Contao by Contao GmbH & Co. KG
CVE-2021-35210ContaoContao6.1MEDIUMImproper Input Validation in Contao by Contao Association
CVE-2020-25768ContaoContao5.3MEDIUMCross-Site Scripting Vulnerability in Contao CMS
CVE-2018-10125ContaoContao6.1MEDIUM