Shodan
Vulnerabilities
Vulnerable Software
Contao:  >> Contao  >> 4.5.1  Security Vulnerabilities
CVE-2021-35210
Contao 4.5.x through 4.9.x before 4.9.16, and 4.10.x through 4.11.x before 4.11.5, allows XSS. It is possible to inject code into the tl_log table that will be executed in the browser when the system log is called in the back end.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-06-23
CVE-2018-10125
Contao before 4.5.7 has XSS in the system log.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-03-16
CVE-2019-11512
Contao 4.x allows SQL Injection. Fixed in Contao 4.4.39 and Contao 4.7.5.
CVSS Score
9.8
EPSS Score
0.004
Published
2019-07-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved