Boltcms: >> Bolt >> 3.7.4.1 Security Vulnerabilities
The foldername parameter in Bolt 5.1.7 was discovered to have incorrect input validation, allowing attackers to perform directory enumeration or cause a Denial of Service (DoS) via a crafted input.
CVSS Score
9.1
EPSS Score
0.001
Published
2022-08-01
Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php in Bolt before 4.1.13 allow Directory Traversal.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-02-17