The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Contao

Contao: three vulnerabilities
An attacker can use several vulnerabilities of Contao...
CVE-2019-19712, CVE-2019-19714, CVE-2019-19745, VIGILANCE-VUL-31178
Contao: SQL injection
An attacker can use a SQL injection of Contao, in order to read or alter data...
CVE-2019-11512, VIGILANCE-VUL-29164
Contao: privilege escalation via Opt-in Tokens
An attacker can bypass restrictions via Opt-in Tokens of Contao, in order to escalate his privileges...
CVE-2019-10643, VIGILANCE-VUL-28981
Contao: privilege escalation via Request Token
An attacker can bypass restrictions via Request Token of Contao, in order to escalate his privileges...
CVE-2019-10642, VIGILANCE-VUL-28980
Contao: privilege escalation via Valid Session After Password Change
An attacker can bypass restrictions via Valid Session After Password Change of Contao, in order to escalate his privileges...
CVE-2019-10641, VIGILANCE-VUL-28979
Contao: information disclosure via Back End Users Records View
An attacker can bypass access restrictions to data via Back End Users Records View of Contao, in order to obtain sensitive information...
CVE-2018-20028, VIGILANCE-VUL-28026
TCPDF: code execution
An attacker can use a vulnerability of TCPDF, in order to run code...
CVE-2018-17057, FEDORA-2018-187e212568, FEDORA-2018-f1ca41a1a6, VIGILANCE-VUL-27255
Contao: Cross Site Scripting via Back End System Log
An attacker can trigger a Cross Site Scripting via Back End System Log of Contao, in order to run JavaScript code in the context of the web site...
CVE-2018-10125, VIGILANCE-VUL-25911
Contao: Cross Site Scripting via newsletter
An attacker can trigger a Cross Site Scripting via newsletter of Contao, in order to run JavaScript code in the context of the web site...
CVE-2018-5478, VIGILANCE-VUL-25111
Contao: SQL injection
An attacker can use a SQL injection of Contao, in order to read or alter data...
CVE-2017-16558, VIGILANCE-VUL-24480
Our database contains other pages. You can request a free trial to read them.

Display information about Contao: