Shodan
Vulnerabilities
Vulnerable Software
Concretecms:  >> Concrete Cms  >> 5.6.3.3  Security Vulnerabilities
CVE-2017-18195
An issue was discovered in tools/conversations/view_ajax.php in Concrete5 before 8.3.0. An unauthenticated user can enumerate comments from all blog posts by POSTing requests to /index.php/tools/required/conversations/view_ajax with incremental 'cnvID' integers.
CVSS Score
5.3
EPSS Score
0.037
Published
2018-02-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved