2 matches found
CVE-2019-12277
Blogifier 2.3 before 2019-05-11 does not properly restrict APIs, as demonstrated by missing checks for .. in a pathname...
CVE-2019-11887
CVE-2019-11887 affects SimplyBook.me up to 2019-05-11 and stems from insufficient restrictions on file uploads, enabling remote code execution. The entry is supported by NVD entries (CVE-2019-11887) and related records; CVSS v2 base score 7.5 (HIGH) and CVSS v3 base score 9.8 (CRITICAL) reflect n...