SentCMS
by FrogCMS
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-24652 | 0.00 | — | 0.02 | Mar 10, 2022 | sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in php code execution in /admin/upload/upload. | |||
| CVE-2022-24651 | 0.00 | — | 0.02 | Mar 10, 2022 | sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload. | |||
| CVE-2021-26794 | 0.00 | — | 0.02 | Sep 23, 2021 | Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file. |
- CVE-2022-24652Mar 10, 2022risk 0.00cvss —epss 0.02
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in php code execution in /admin/upload/upload.
- CVE-2022-24651Mar 10, 2022risk 0.00cvss —epss 0.02
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload.
- CVE-2021-26794Sep 23, 2021risk 0.00cvss —epss 0.02
Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file.