VYPR

Vendor CVEs

Silverstripe

All CVEs

58 total · sorted by risk
  • CVE-2017-5197MedMar 6, 2017
    risk 0.40cvss 6.1epss 0.01

    There is XSS in SilverStripe CMS before 3.4.4 and 3.5.x before 3.5.2. The attack vector is a page name. An example payload is a crafted JavaScript event handler within a malformed SVG element.

  • CVE-2015-8606MedApr 13, 2016
    risk 0.40cvss 6.1epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe CMS & Framework before 3.1.16 and 3.2.x before 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Locale or (2) FailedLoginCount parameter to admin/security/EditForm/field/Members/ite…

  • CVE-2017-12849MedOct 12, 2017
    risk 0.35cvss 5.3epss 0.01

    Response discrepancy in the login and password reset forms in SilverStripe CMS before 3.5.5 and 3.6.x before 3.6.1 allows remote attackers to enumerate users via timing attacks.

  • CVE-2026-24749MedApr 16, 2026
    risk 0.34cvss 5.3epss 0.00

    The Silverstripe Assets Module is a required component of Silverstripe Framework. In versions prior to 2.4.5 and 3.0.0-rc1 through 3.1.2, images rendered in templates or otherwise accessed via DBFile::getURL() or DBFile::getSourceURL() incorrectly add an access grant to the…

  • CVE-2017-14498MedSep 15, 2017
    risk 0.33cvss 6.1epss 0.01

    SilverStripe CMS before 3.6.1 has XSS via an SVG document that is mishandled by (1) the Insert Media option in the content editor or (2) an admin/assets/add pathname, as demonstrated by the admin/pages/edit/EditorToolbar/MediaForm/field/AssetUploadField/upload URI, aka issue…

  • CVE-2024-47605MedJan 14, 2025
    risk 0.31cvss 5.4epss 0.01

    silverstripe-asset-admin is a silverstripe assets gallery for asset management. When using the "insert media" functionality, the linked oEmbed JSON includes an HTML attribute which will replace the embed shortcode. The HTML is not sanitized before replacing the shortcode,…

  • CVE-2025-25197MedApr 10, 2025
    risk 0.28cvss 5.4epss 0.00

    Silverstripe Elemental extends a page type to swap the content area for a list of manageable elements to compose a page out of rather than a single text field. An elemental block can include an XSS payload, which can be executed when viewing the "Content blocks in use" report.…

  • CVE-2025-30148Apr 10, 2025
    risk 0.00cvss epss 0.00

    Silverstripe Framework is a PHP framework which powers the Silverstripe CMS. Prior to 5.3.23, bad actor with access to edit content in the CMS could send a specifically crafted encoded payload to the server, which could be used to inject a JavaScript payload on the front end of…

  • CVE-2024-53277Jan 14, 2025
    risk 0.00cvss epss 0.00

    Silverstripe Framework is a PHP framework which powers the Silverstripe CMS. In some cases, form messages can contain HTML markup. This is an intentional feature, allowing links and other relevant HTML markup for the given message. Some form messages include content that the…

  • CVE-2024-32981Jul 17, 2024
    risk 0.00cvss epss 0.00

    Silverstripe framework is the PHP framework forming the base for the Silverstripe CMS. In affected versions a bad actor with access to edit content in the CMS could add send a specifically crafted encoded payload to the server, which could be used to inject a JavaScript payload…

  • CVE-2024-29885Jul 17, 2024
    risk 0.00cvss epss 0.00

    silverstripe/reports is an API for creating backend reports in the Silverstripe Framework. In affected versions reports can be accessed by their direct URL by any user who has access to view the reports admin section, even if the `canView()` method for that report returns…

  • CVE-2023-49783Jan 23, 2024
    risk 0.00cvss epss 0.00

    Silverstripe Admin provides a basic management interface for the Silverstripe Framework. In versions on the 1.x branch prior to 1.13.19 and on the 2.x branch prior to 2.1.8, users who don't have edit or delete permissions for records exposed in a `ModelAdmin` can still edit or…

  • CVE-2023-48714Jan 23, 2024
    risk 0.00cvss epss 0.00

    Silverstripe Framework is the framework that forms the base of the Silverstripe content management system. Prior to versions 4.13.39 and 5.1.11, if a user should not be able to see a record, but that record can be added to a `GridField` using the…

  • CVE-2023-44401Jan 23, 2024
    risk 0.00cvss epss 0.00

    The Silverstripe CMS GraphQL Server serves Silverstripe data as GraphQL representations. In versions 4.0.0 prior to 4.3.7 and 5.0.0 prior to 5.1.3, `canView` permission checks are bypassed for ORM data in paginated GraphQL query results where the total number of records is…

  • CVE-2023-40180Oct 16, 2023
    risk 0.00cvss epss 0.01

    silverstripe-graphql is a package which serves Silverstripe data in GraphQL representations. An attacker could use a recursive graphql query to execute a Distributed Denial of Service attack (DDOS attack) against a website. This mostly affects websites with publicly exposed…

  • CVE-2023-22729Apr 26, 2023
    risk 0.00cvss epss 0.00

    Silverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, an attacker can display a link to a third party website on a login screen by convincing a legitimate content author to follow a…

  • CVE-2023-22728Apr 26, 2023
    risk 0.00cvss epss 0.00

    Silverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, the GridField print view incorrectly validates the permission of DataObjects potentially allowing a content author to view records they…

  • CVE-2023-28104Mar 16, 2023
    risk 0.00cvss epss 0.01

    `silverstripe/graphql` serves Silverstripe data as GraphQL representations. In versions 4.2.2 and 4.1.1, an attacker could use a specially crafted graphql query to execute a denial of service attack against a website which has a publicly exposed graphql endpoint. This mostly…

  • CVE-2022-38147Nov 23, 2022
    risk 0.00cvss epss 0.01

    Silverstripe silverstripe/framework through 4.11 allows XSS (issue 3 of 3).

  • CVE-2022-37421Nov 23, 2022
    risk 0.00cvss epss 0.01

    Silverstripe silverstripe/cms through 4.11.0 allows XSS.

  • CVE-2022-37430Nov 23, 2022
    risk 0.00cvss epss 0.01

    Silverstripe silverstripe/framework through 4.11 allows XSS vulnerability via href attribute of a link (issue 2 of 2).

  • CVE-2022-37429Nov 23, 2022
    risk 0.00cvss epss 0.00

    Silverstripe silverstripe/framework through 4.11 allows XSS (issue 1 of 2) via JavaScript payload to the href attribute of a link by splitting a javascript URL with white space characters.

  • CVE-2022-38724Nov 22, 2022
    risk 0.00cvss epss 0.01

    Silverstripe silverstripe/framework through 4.11.0, silverstripe/assets through 1.11.0, and silverstripe/asset-admin through 1.11.0 allow XSS.

  • CVE-2022-29254Jun 6, 2022
    risk 0.00cvss epss 0.01

    silverstripe-omnipay is a SilverStripe integration with Omnipay PHP payments library. For a subset of Omnipay gateways (those that use intermediary states like `isNotification()` or `isRedirect()`), if the payment identifier or success URL is exposed it is possible for payments…

  • CVE-2019-5715Apr 11, 2019
    risk 0.00cvss epss 0.02

    All versions of SilverStripe 3 prior to 3.6.7 and 3.7.3, and all versions of SilverStripe 4 prior to 4.0.7, 4.1.5, 4.2.4, and 4.3.1 allows Reflected SQL Injection through Form and DataObject.

  • CVE-2015-5063Jun 24, 2015
    risk 0.00cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe CMS & Framework 3.1.13 allow remote attackers to inject arbitrary web script or HTML via the (1) admin_username or (2) admin_password parameter to install.php.

  • CVE-2015-5062Jun 24, 2015
    risk 0.00cvss epss 0.02

    Open redirect vulnerability in SilverStripe CMS & Framework 3.1.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the returnURL parameter to dev/build.

  • CVE-2011-4958Apr 8, 2014
    risk 0.00cvss epss 0.04

    Cross-site scripting (XSS) vulnerability in the process function in SSViewer.php in SilverStripe before 2.3.13 and 2.4.x before 2.4.6 allows remote attackers to inject arbitrary web script or HTML via the QUERY_STRING to template placeholders, as demonstrated by a request to (1)…

  • CVE-2013-6789Nov 13, 2013
    risk 0.00cvss epss 0.01

    security/MemberLoginForm.php in SilverStripe 3.0.3 supports credentials in a GET request, which allows remote or local attackers to obtain sensitive information by reading web-server access logs, web-server Referer logs, or the browser history, a similar vulnerability to…

  • CVE-2013-2653Nov 13, 2013
    risk 0.00cvss epss 0.04

    security/MemberLoginForm.php in SilverStripe 3.0.3 supports login using a GET request, which makes it easier for remote attackers to conduct phishing attacks without detection by the victim.

  • CVE-2012-6458Aug 9, 2013
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in the SilverStripe e-commerce module 3.0 for SilverStripe CMS allow remote attackers to inject arbitrary web script or HTML via the (1) FirstName, (2) Surname, or (3) Email parameter to code/forms/OrderFormAddress.php; or the…

  • CVE-2012-4968Sep 17, 2012
    risk 0.00cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe 2.3.x before 2.3.13 and 2.4.x before 2.4.7 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted string to the AbsoluteLinks, (2) BigSummary, (3) ContextSummary, (4) EscapeXML, (5)…

  • CVE-2011-4962Sep 17, 2012
    risk 0.00cvss epss 0.04

    code/sitefeatures/PageCommentInterface.php in SilverStripe 2.4.x before 2.4.6 might allow remote attackers to execute arbitrary code via a crafted cookie in a user comment submission, which is not properly handled when it is deserialized.

  • CVE-2011-4961Sep 17, 2012
    risk 0.00cvss epss 0.02

    SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6 allows remote authenticated users with the EDIT_PERMISSIONS permission to gain administrator privileges via a TreeMultiselectField that includes admin groups when adding a user to the selected groups.

  • CVE-2011-4960Sep 17, 2012
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in the Folder::findOrMake method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2011-4959Sep 17, 2012
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6, when connected to a MySQL database using far east character encodings, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2010-5079Sep 17, 2012
    risk 0.00cvss epss 0.02

    SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 uses weak entropy when generating tokens for (1) the CSRF protection mechanism, (2) autologin, (3) "forgot password" functionality, and (4) password salts, which makes it easier for remote attackers to bypass intended…

  • CVE-2010-5078Sep 17, 2012
    risk 0.00cvss epss 0.02

    SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain version information via a direct request to (1) apphire/silverstripe_version or (2)…

  • CVE-2010-4824Sep 17, 2012
    risk 0.00cvss epss 0.03

    SQL injection vulnerability in the augmentSQL method in core/model/Translatable.php in SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4, when the Translatable extension is enabled, allows remote attackers to execute arbitrary SQL commands via the locale parameter.

  • CVE-2010-4823Sep 17, 2012
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the httpError method in sapphire/core/control/RequestHandler.php in SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4, when custom error handling is not used, allows remote attackers to inject arbitrary web script or HTML via…

  • CVE-2010-4822Sep 17, 2012
    risk 0.00cvss epss 0.02

    core/model/MySQLDatabase.php in SilverStripe 2.4.x before 2.4.4, when the site is running in "live mode," allows remote attackers to obtain the SQL queries for a page via the showqueries and ajax parameters.

  • CVE-2010-5188Aug 26, 2012
    risk 0.00cvss epss 0.02

    SilverStripe 2.3.x before 2.3.6 allows remote attackers to obtain sensitive information via the (1) debug_memory parameter to core/control/Director.php or (2) debug_profile parameter to main.php.

  • CVE-2010-5187Aug 26, 2012
    risk 0.00cvss epss 0.01

    SilverStripe 2.3.x before 2.3.8 and 2.4.x before 2.4.1, when running on servers with certain configurations, allows remote attackers to obtain sensitive information via a direct request to PHP files in the (1) sapphire, (2) cms, or (3) mysite folders, which reveals the…

  • CVE-2010-5095Aug 26, 2012
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in SilverStripe 2.3.x before 2.3.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to DataObjectSet pagination.

  • CVE-2010-5094Aug 26, 2012
    risk 0.00cvss epss 0.02

    The deleteinstallfiles function in control/ContentController.php in SilverStripe 2.3.x before 2.3.7 does not require ADMIN permissions, which allows remote attackers to delete index.php and "disrupt mod_rewrite-less URL routing."

  • CVE-2010-5093Aug 26, 2012
    risk 0.00cvss epss 0.02

    Member_ProfileForm in security/Member.php in SilverStripe 2.3.x before 2.3.7 allows remote attackers to hijack user accounts by saving data using the email address (ID) of another user.

  • CVE-2010-5092Aug 26, 2012
    risk 0.00cvss epss 0.00

    The Add Member dialog in the Security admin page in SilverStripe 2.4.0 saves user passwords in plaintext, which allows local users to obtain sensitive information by reading a database.

  • CVE-2010-5091Aug 26, 2012
    risk 0.00cvss epss 0.01

    The setName function in filesystem/File.php in SilverStripe 2.3.x before 2.3.8 and 2.4.x before 2.4.1 allows remote authenticated users with CMS author privileges to execute arbitrary PHP code by changing the extension of an uploaded file.

  • CVE-2010-5090Aug 26, 2012
    risk 0.00cvss epss 0.01

    SilverStripe before 2.4.2 allows remote authenticated users to change administrator passwords via vectors related to admin/security.

  • CVE-2010-5089Aug 26, 2012
    risk 0.00cvss epss 0.02

    SilverStripe before 2.4.2 does not properly restrict access to pages in draft mode, which allows remote attackers to obtain sensitive information.

Page 1 of 2