VYPR

SentCMS

by FrogCMS

CVEs (3)

  • CVE-2022-24652Mar 10, 2022
    risk 0.00cvss epss 0.02

    sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in php code execution in /admin/upload/upload.

  • CVE-2022-24651Mar 10, 2022
    risk 0.00cvss epss 0.02

    sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload.

  • CVE-2021-26794Sep 23, 2021
    risk 0.00cvss epss 0.02

    Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file.