VYPR

sentcms

by Sentcms

CVEs (2)

  • CVE-2022-24652CriMar 10, 2022
    risk 0.64cvss 9.8epss 0.02

    sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in php code execution in /admin/upload/upload.

  • CVE-2022-24651CriMar 10, 2022
    risk 0.64cvss 9.8epss 0.02

    sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload.