2 matches found
PT-2024-40178 · Shopware · Shopware
Name of the Vulnerable Software and Affected Versions: Shopware versions prior to 5.2.25 Description: The issue allows for the execution of authorized foreign code under certain circumstances. Recommendations: For versions prior to 5.2.25, update to version 5.2.25 or later to resolve the issue...
CVE-2009-2146
Unrestricted file upload vulnerability in the Compose Email feature in the Emails module in Sugar Community Edition aka SugarCRM before 5.2f allows remote authenticated users to execute arbitrary code by uploading a file with only an extension in its name, then accessing the file via a direct...