octobercms Summary
Latest vulnerabilities published by octobercms
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Stored Cross-Site Scripting Vulnerability in October CMS by October
CVE-2026-25133OctobercmsOctober4.8MEDIUMServer-Side Information Disclosure in October CMS
CVE-2026-25125OctobercmsOctober4.9MEDIUMStored Cross-Site Scripting Vulnerability in October CMS Event Log Feature
CVE-2026-24907OctobercmsOctober5.1MEDIUMStored Cross-Site Scripting Vulnerability in October CMS Backend Editor Settings
CVE-2026-24906OctobercmsOctober5.1MEDIUMSandbox Bypass Vulnerability in October CMS by October
CVE-2026-22692OctobercmsOctober4.9MEDIUMCross-Site Scripting Vulnerability in October CMS Backend Configuration
CVE-2025-61674OctobercmsOctober6.1MEDIUMCross-Site Scripting Vulnerability in October CMS Backend Configuration
CVE-2025-61676OctobercmsOctober6.1MEDIUMUnauthorized File Upload Vulnerability in October CMS by October
CVE-2024-51991OctobercmsOctober1.1LOWUnescaped HTML Reflected in AJAX Handler Name
CVE-2024-25637OctobercmsOctober3.1LOWOctober CMS safe mode bypass using Page template injection
CVE-2023-44381octobercmsoctober4.9MEDIUMOctober CMS safe mode bypass using Twig sandbox escape
CVE-2023-44382octobercmsoctober9.1CRITICALOctober CMS stored XSS by authenticated backend user with improper configuration
CVE-2023-44383OctobercmsOctober5.4MEDIUMCross-Site Scripting Flaw in October CMS Installation Affects Version 3.4.16
CVE-2023-43876OctobercmsOctoberπΎπ‘5.4MEDIUMArbitrary File Upload Vulnerability in October CMS by October
CVE-2023-37692OctobercmsOctober5.4MEDIUMOctober CMS Safe Mode bypass leads to authenticated RCE (Remote Code Execution)
CVE-2022-35944OctobercmsOctober6.2MEDIUMFile Path Vulnerability in October CMS by October
CVE-2017-1000197OctobercmsOctober9.8CRITICALCross Site Scripting Vulnerability in October CMS Media Module by October
CVE-2018-1999008OctobercmsOctober5.4MEDIUMLocal File Inclusion Vulnerability in October CMS by October
CVE-2018-1999009OctobercmsOctober8.1HIGHRace Condition in October CMS upload process
CVE-2022-24800OctobercmsOctober8.1HIGHMissing server signature validation in OctoberCMS
CVE-2022-23655OctobercmsOctober4.8MEDIUMAuthenticated remote code execution in octobercms
CVE-2022-21705OctobercmsOctoberEPSS 76%7.2HIGHAuthenticated file write leads to remote code execution in october/system
CVE-2021-32649OctobercmsOctober8.8HIGHArbitrary code execution in october/system
CVE-2021-32650OctobercmsOctober8.8HIGHDeleted Admin Can Sign In to Admin Interface
CVE-2021-41126OctobercmsOctober7.2HIGHAuthentication bypass in Octobercms
CVE-2021-29487OctobercmsOctober7.4HIGH