Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Umbraco Forms Security Vulnerabilities

cve
cve

CVE-2020-7685

This affects all versions of package UmbracoForms. When using the default configuration for upload forms, it is possible to upload arbitrary file types. The package offers a way for users to mitigate the issue. The users of this package can create a custom workflow and frontend validation that bloc...

7.5CVSS

7.5AI Score

0.001EPSS

2020-07-28 05:15 PM
66
cve
cve

CVE-2021-33224

File upload vulnerability in Umbraco Forms v.8.7.0 allows unauthenticated attackers to execute arbitrary code via a crafted web.config and asp file.

9.8CVSS

9.5AI Score

0.003EPSS

2023-02-24 04:15 PM
29
cve
cve

CVE-2021-37334

Umbraco Forms version 4.0.0 up to and including 8.7.5 and below are vulnerable to a security flaw that could lead to a remote code execution attack and/or arbitrary file deletion. A vulnerability occurs because validation of the file extension is performed after the file has been stored in a tempor...

9.8CVSS

9.8AI Score

0.017EPSS

2021-08-25 10:15 PM
31