Mautic

4 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-3105 HIGH PATCH This Week

Mautic's Contact Activity API endpoint is vulnerable to SQL injection due to insufficient validation of the sort direction parameter, allowing authenticated attackers to execute arbitrary SQL queries. This high-severity vulnerability (CVSS 7.6) affects multiple versions and could enable unauthorized data access or modification. No patch is currently available; users should contact [email protected] for mitigation guidance.

SQLi Mautic
NVD GitHub
CVSS 3.1
7.6
EPSS
0.0%
CVE-2024-47055 MEDIUM PATCH Monitor

SummaryThis advisory addresses a security vulnerability in Mautic related to the segment cloning functionality. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Authentication Bypass Mautic
NVD GitHub
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-47053 HIGH PATCH This Week

This advisory addresses an authorization vulnerability in Mautic's HTTP Basic Authentication implementation. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Mautic
NVD GitHub
CVSS 3.1
7.7
EPSS
0.1%
CVE-2024-47051 CRITICAL PATCH Act Now

This advisory addresses two critical security vulnerabilities present in Mautic versions before 5.2.3. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP RCE Path Traversal Mautic
NVD GitHub
CVSS 3.1
9.1
EPSS
0.7%
CVE-2026-3105
EPSS 0% CVSS 7.6
HIGH PATCH This Week

Mautic's Contact Activity API endpoint is vulnerable to SQL injection due to insufficient validation of the sort direction parameter, allowing authenticated attackers to execute arbitrary SQL queries. This high-severity vulnerability (CVSS 7.6) affects multiple versions and could enable unauthorized data access or modification. No patch is currently available; users should contact [email protected] for mitigation guidance.

SQLi Mautic
NVD GitHub
CVE-2024-47055
EPSS 0% CVSS 4.3
MEDIUM PATCH Monitor

SummaryThis advisory addresses a security vulnerability in Mautic related to the segment cloning functionality. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Authentication Bypass Mautic
NVD GitHub
CVE-2024-47053
EPSS 0% CVSS 7.7
HIGH PATCH This Week

This advisory addresses an authorization vulnerability in Mautic's HTTP Basic Authentication implementation. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Mautic
NVD GitHub
CVE-2024-47051
EPSS 1% CVSS 9.1
CRITICAL PATCH Act Now

This advisory addresses two critical security vulnerabilities present in Mautic versions before 5.2.3. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP RCE Path Traversal +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy