Critical severity9.8NVD Advisory· Published Aug 27, 2018· Updated Jun 17, 2026
CVE-2014-10074
CVE-2014-10074
Description
Umbraco before 7.2.0 has a remote PHP code execution vulnerability because Umbraco.Web.UI/config/umbracoSettings.Release.config does not block the upload of .php files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<7.2.0+ 1 more
- (no CPE)range: <7.2.0
- (no CPE)range: <7.2.0
Patches
Vulnerability mechanics
References
2- github.com/Umbraco/Umbraco-CMS/commit/cad06502235acabf7fb7dca779d2f78f08547e39nvdPatchThird Party Advisory
- issues.umbraco.org/issue/U4-5901nvdExploitVendor Advisory
News mentions
0No linked articles in our index yet.