2 matches found
CVE-2022-32994
Halo CMS v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the component /api/admin/attachments/upload...
CVE-2022-32994
CVE-2022-32994 affects Halo CMS v1.5.3, with an arbitrary file upload vulnerability exposed via the /api/admin/attachments/upload component. The root cause is not explicitly described in the connected documents beyond the upload endpoint vulnerability. NVD lists a HIGH/CRITICAL impact profile (CV...