Product:

October

(Octobercms)
Date Id Summary Products Score Patch Annotated
2017-10-05 CVE-2017-1000119 October CMS build 412 is vulnerable to PHP code execution in the file upload functionality resulting in site compromise and possibly other applications on the server. October 7.2
2017-09-27 CVE-2015-5613 Cross-site scripting (XSS) vulnerability in October CMS build 271 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving a file title, a different vulnerability than CVE-2015-5612. October 5.4
2015-09-04 CVE-2015-5612 Cross-site scripting (XSS) vulnerability in October CMS build 271 and earlier allows remote attackers to inject arbitrary web script or HTML via the caption tag of a profile image. October N/A