3 matches found
CVE-2021-42675
Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can upload a malicious PHP file and obtain remote code execution...
CVE-2021-42675
Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can upload a malicious PHP file and obtain remote code execution...
CVE-2021-42675
Kreado Kreasfero 1.5 contains a vulnerability where uploaded files to the media directory are not properly sanitized, allowing an attacker to upload a malicious PHP file and obtain remote code execution. This CVE entry documents the impact as remote code execution with network access and no authe...