Every CVE whose affected-product data names Boltcms Bolt, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (19)
CVE-2022-31321 — CVSS 9.1 (critical): The foldername parameter in Bolt 5.1.7 was discovered to have incorrect input validation, allowing attackers to perform directory…
CVE-2025-34086 — CVSS 8.8 (high): Bolt CMS versions 3.7.0 and earlier contain a chain of vulnerabilities that together allow an authenticated user to achieve remote code…
CVE-2019-10874 — CVSS 8.8 (high): Cross Site Request Forgery (CSRF) in the bolt/upload File Upload feature in Bolt CMS 3.6.6 allows remote attackers to execute arbitrary…
CVE-2019-9185 — CVSS 8.8 (high): Controller/Async/FilesystemManager.php in the filemanager in Bolt before 3.6.5 allows remote attackers to execute arbitrary PHP code by…
CVE-2020-4040 — CVSS 8.6 (high): Bolt CMS before version 3.7.1 lacked CSRF protection in the preview generating endpoint. Previews are intended to be generated by the…
CVE-2021-27367 — CVSS 7.5 (high): Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php in Bolt before 4.1.13 allow Directory Traversal.
CVE-2020-4041 — CVSS 7.4 (high): In Bolt CMS before version 3.7.1, the filename of uploaded files was vulnerable to stored XSS. It is not possible to inject javascript code…
CVE-2015-7309 — CVSS 6.5 (medium): The theme editor in Bolt before 2.2.5 does not check the file extension when renaming files, which allows remote authenticated users to…
CVE-2019-9553 — CVSS 6.1 (medium): Bolt 3.6.4 has XSS via the slug, teaser, or title parameter to editcontent/pages, a related issue to CVE-2017-11128 and CVE-2018-19933.
CVE-2019-20058 — CVSS 6.1 (medium): Bolt 3.7.0, if Symfony Web Profiler is used, allows XSS because unsanitized search?search= input is shown on the _profiler page. NOTE: this…
CVE-2017-11127 — CVSS 5.4 (medium): Bolt CMS 3.2.14 allows stored XSS by uploading an SVG document with a "Content-Type: image/svg+xml" header.
CVE-2017-11128 — CVSS 5.4 (medium): Bolt CMS 3.2.14 allows stored XSS via text input, as demonstrated by the Title field of a New Entry.
CVE-2017-16754 — CVSS 5.3 (medium): Bolt before 3.3.6 does not properly restrict access to _profiler routes, related to EventListener/ProfilerListener.php and…
CVE-2020-28925 — CVSS 5.3 (medium): Bolt before 3.7.2 does not restrict filter options in a Request in the Twig context, and is therefore inconsistent with the "How to Harden…
CVE-2024-7299 — CVSS 3.5 (low): ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Bolt CMS 3.7.1. It has been rated as problematic. This issue affects some…
CVE-2024-7300 — CVSS 3.5 (low): A vulnerability classified as problematic has been found in Bolt CMS 3.7.1. Affected is an unknown function of the file…