Halo CMS v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the component /api/admin/attachments/upload.
CPE | Name | Operator | Version |
---|---|---|---|
halo | eq | 1.3.0-beta.3 | |
halo | eq | 0.0.7 | |
halo | eq | 1.5.0-alpha.2 | |
halo | eq | 1.2.0-beta.3 | |
halo | eq | 1.0.0-beta.6 | |
halo | eq | 1.3.0 | |
halo | eq | 1.4.7 | |
halo | eq | 0.0.9 | |
halo | eq | 0.2.0 | |
halo | eq | 1.5.0 |