GHSA-55PP-293F-3365 silverstripe/userforms file upload exposure on UserForms module

The userforms module allows CMS administrators to create public facing forms with file upload abilities. These files are uploaded into a predictable public path on the website, unless configured otherwise by the CMS administrator setting up the form. While the name of the uploaded file itself is...

silverstripe/userforms file upload exposure on UserForms module

The userforms module allows CMS administrators to create public facing forms with file upload abilities. These files are uploaded into a predictable public path on the website, unless configured otherwise by the CMS administrator setting up the form. While the name of the uploaded file itself is...

PT-2024-40089 · Silverstripe · Silverstripe-Secureassets +1

Name of the Vulnerable Software and Affected Versions: silverstripe-userforms versions prior to 3.0.0 silverstripe-userforms version 3.0.0 when used with silverstripe-secureassets module Description: The issue allows CMS administrators to create public-facing forms with file upload abilities, whi...

Design/Logic Flaw

Silverstripe CMS through 4.5 can be susceptible to script execution from malicious upload contents under allowed file extensions for example HTML code in a TXT file. When these files are stored as protected or draft files, the MIME detection can cause browsers to execute the file contents. Upload...

Microsoft Office: Load Controls in Forms3

This test checks the setting for policy OpenVAS Vulnerability Test $Id: office2013loadcontrolsform3.nasl 11843 2018-10-11 14:33:21Z emoss $ Check value for Load Controls in Forms3 Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program is...

SS-2015-018: File upload exposure on UserForms module

More info at https://www.silverstripe.org/software/download/security-releases/ss-2015-018/...