In ExpressionEngine before 7.2.6, remote code execution can be achieved by an authenticated Control Panel user.
Max CVSS: 8.8 | EPSS Score: 0.46% | Published: 2023-02-09 | Updated: 2023-03-03
In Expression Engine before 6.0.3, addonIcon in Addons/file/mod.file.php relies on the untrusted input value of input->get('file') instead of the fixed file names of icon.png and icon.svg.
Max CVSS: 9.8 | EPSS Score: 0.20% | Published: 2021-08-12 | Updated: 2021-08-23
ExpressionEngine before 5.4.2 and 6.x before 6.0.3 allows PHP Code Injection by certain authenticated users who can leverage Translate::save() to write to an _lang.php file under the system/user/language directory.
Max CVSS: 8.8 | EPSS Score: 9.35% | Published: 2021-03-15 | Updated: 2022-07-12
ExpressionEngine before 5.3.2 allows remote attackers to upload and execute arbitrary code in a .php%20 file via Compose Msg, Add attachment, and Save As Draft actions. A user with low privileges (member) is able to upload this. It is possible to bypass the MIME type check and file-extension check while uploading new files. Short aliases are not used for an attachment; instead, direct access is allowed to the uploaded files. It is possible to upload PHP only if one has member access, or registration/forum is enabled and one can create a member with the default group id of 5. To exploit this, one must be able to send and compose messages (at least).
Max CVSS: 8.8 | EPSS Score: 0.43% | Published: 2020-06-24 | Updated: 2020-07-02
Unsanitized user input in ExpressionEngine <= 5.4.0 control panel member creation leads to an SQL injection. The user needs member creation/admin control panel access to execute the attack.
Max CVSS: 7.2 | EPSS Score: 0.09% | Published: 2022-02-18 | Updated: 2022-02-28
ExpressionEngine before 4.3.5 has reflected XSS.
Max CVSS: 6.1 | EPSS Score: 0.08% | Published: 2018-10-01 | Updated: 2020-07-06
EllisLab ExpressionEngine 3.4.2 is vulnerable to cross-site scripting resulting in PHP code injection.
Max CVSS: 5.4 | EPSS Score: 0.05% | Published: 2017-11-17 | Updated: 2020-07-06
ExpressionEngine version 2.x < 2.11.8 and version 3.x < 3.5.5 create an object signing token with weak entropy. Successfully guessing the token can lead to remote code execution.
Max CVSS: 7.5 | EPSS Score: 2.40% | Published: 2017-06-22 | Updated: 2019-10-09
Multiple SQL injection vulnerabilities in EllisLab ExpressionEngine before 2.9.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) column_filter or (2) category[] parameter to system/index.php or the (3) tbl_sort[0][] parameter in the comment module to system/index.php.
Max CVSS: 6.5 | EPSS Score: 0.45% | Published: 2014-11-04 | Updated: 2020-07-06
Cross-site scripting (XSS) vulnerability in system/index.php in ExpressionEngine 1.6.4 through 1.6.6, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the avatar parameter.
Max CVSS: 4.3 | EPSS Score: 0.74% | Published: 2009-03-26 | Updated: 2018-10-10
CRLF injection vulnerability in index.php in ExpressionEngine 1.2.1 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the URL parameter.
Max CVSS: 4.3 | EPSS Score: 0.42% | Published: 2008-01-10 | Updated: 2018-10-15
Cross-site scripting (XSS) vulnerability in index.php in ExpressionEngine 1.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL parameter.
Max CVSS: 4.3 | EPSS Score: 0.40% | Published: 2008-01-10 | Updated: 2018-10-15
12 vulnerabilities found