| Field | Value |
|---|---|
| purl | pkg:composer/bolt/bolt@3.2.20 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| VCID-11qv-q56z-7ybw (Aliases: CVE-2025-34086, GHSA-p9qc-8jjx-g8cg) | Bolt CMS versions 3.7.0 and earlier contain a chain of vulnerabilities that together allow an authenticated user to achieve remote code execution. A user with valid credentials can inject arbitrary PHP code into the displayname field of the user profile, which is rendered unsanitized in backend templates. The attacker can then list and rename cached session files via the /async/browse/cache/.sessions and /async/folder/rename endpoints. By renaming a .session file to a path under the publicly accessible /files/ directory with a .php extension, the attacker can turn the injected code into an executable web shell. Finally, the attacker triggers the payload via a crafted HTTP GET request to the rogue file. NOTE: The vendor announced that Bolt 3 reached end-of-life after 31 December 2021. | Affected by 3 other vulnerabilities. |
| VCID-d7dc-3d1m-9ubp (Aliases: CVE-2018-19933, GHSA-gjx6-58xh-p7pw) | | Affected by 10 other vulnerabilities. |
| VCID-dy9r-tufx-k7h7 (Aliases: CVE-2020-4041, GHSA-68q3-7wjp-7q3j) | The filename of uploaded files is vulnerable to stored XSS | Affected by 3 other vulnerabilities. |
| VCID-f3gb-875e-43dd (Aliases: CVE-2020-28925, GHSA-w8cj-mvf9-mpc9) | | Affected by 1 other vulnerability. |
| VCID-g8py-h1cd-5bg9 (Aliases: CVE-2019-9185, GHSA-gmg5-f2gm-p3h7) | Bolt Unrestricted Upload of File with Dangerous Type | Affected by 9 other vulnerabilities. |
| VCID-mkky-gtw6-m7eq (Aliases: CVE-2017-16754, GHSA-wr23-m9m2-jjf4) | Bolt Improper Access Control | Affected by 11 other vulnerabilities. |
| VCID-qsgy-veay-zygz (Aliases: CVE-2019-15484, GHSA-fp8m-xw3f-6h7x) | Bolt Cross-site Scripting (XSS) via an image's alt or title field | Affected by 6 other vulnerabilities. |
| VCID-rw5y-r3kg-n7hb (Aliases: CVE-2019-15485, GHSA-cj8p-53v9-2c26) | Cross-site Scripting in Bolt | Affected by 6 other vulnerabilities. |
| VCID-s5qk-9k2c-nubd (Aliases: CVE-2020-4040, GHSA-2q66-6cc3-6xm8) | CSRF issue on preview pages in Bolt CMS | Affected by 3 other vulnerabilities. |
| VCID-sttu-yhw3-pucg (Aliases: CVE-2021-40219, GHSA-gprh-7767-cw39) | Code Injection in Bolt CMS | Affected by 0 other vulnerabilities. |
| VCID-vw6d-j33s-3uhb (Aliases: CVE-2024-7300, GHSA-xhqw-4hcq-fcvr) | A vulnerability classified as problematic has been found in Bolt CMS 3.7.1. Affected is an unknown function of the file /bolt/editcontent/showcases of the component Showcase Creation Handler. The manipulation of the argument title/textarea leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the affected release tree is end-of-life. | Affected by 1 other vulnerability. |
| VCID-yta5-ntpx-tqgk (Aliases: CVE-2019-15483, GHSA-ph84-vg7q-fqq8) | | Affected by 6 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | | |