Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via (1) the CommenterURL parameter to PostCommentForm, and in the Forum module before 0.2.5 in SilverStripe before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via (2) the Search parameter to forums/search (aka the search script).
Vendor: silverstripe
- Actively Exploited (CISA KEV List): 0
- PoC / Exploits (Code Available): 2
- Total RCEs (Remote Access): 4
- Total CVEs (Total Indexed): 369
- Avg. EPSS (Exploit Prob.): 0.65%
CVSS: 4.3 (Severity: MEDIUM)
SQL injection vulnerability in SilverStripe before 2.2.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to AjaxUniqueTextField.
CVSS: 7.5 (Severity: HIGH)
SQL injection vulnerability in File::find (filesystem/File.php) in SilverStripe before 2.3.1 allows remote attackers to execute arbitrary SQL commands via the filename parameter.
CVSS: 7.5 (Severity: HIGH)
Unspecified vulnerability in the search functionality in SilverStripe 2.0.0 has unknown impact and attack vectors.
CVSS: 10.0 (Severity: HIGH)