CVE-2014-10074
Summary: CVE-2014-10074 affects Umbraco prior to 7.2.0. The vulnerability stems from not blocking uploads of PHP files in Umbraco.Web.UI/config/umbracoSettings.Release.config, enabling an attacker to upload a PHP file and trigger remote code execution when that file is accessed. This is documente...