Approved changes feed: RSS · Atom
cpe:2.3:a:umbraco:umbraco:7.3.8:*:*:*:*:*:*:*
part: a version: 7.3.8 update: *
| Vendor | Umbraco (89be0333-81fe-5eb9-9281-55a77e50e27f) |
|---|---|
| Product | Umbraco (8ff523e0-d6f1-5ed0-a608-c2f722d82ed6) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/umbraco/umbraco-cms |
purl2cpe | 2026-06-01 10:16:10.189178 |
pkg:nuget/UmbracoCms |
purl2cpe | 2026-06-01 10:16:10.189180 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2019-13957 |
vulnerable | 2026-06-08 05:12:52.872678 |
Details available
In Umbraco 7.3.8, there is SQL Injection in the backoffice/PageWApprove/PageWApproveApi/GetInpectSearch method via the nodeName parameter.
Published: 2019-10-02T18:46:07.000Z
Updated: 2024-08-05T00:05:44.167Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-8814 |
vulnerable | 2026-06-08 05:07:04.947642 |
Details available
Umbraco before 7.4.0 allows remote attackers to bypass anti-forgery security measures and conduct cross-site request forgery (CSRF) attacks as demonstrated by editing user account information in the templates.asmx.cs file.
Published: 2017-03-03T16:00:00.000Z
Updated: 2024-08-06T08:29:22.079Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.