Horizontcms Security Vulnerabilities and Issues — Horizontcms CVE List

Lucene search

Horizontcms ProjectHorizontcms

2 matches found

CVE•added 2022/04/05 4:15 p.m.•85 views

CVE-2021-28428

File upload vulnerability in HorizontCMS before 1.0.0-beta.3 via uploading a .htaccess and *.hello files using the Media Files upload functionality. The original file upload vulnerability (CVE-2020-27387) was remediated by restricting the PHP extensions; however, we confirmed that the filter was by...

9.8CVSS8.9AI score0.73657EPSS

CVE•added 2022/02/24 3:15 p.m.•77 views

CVE-2022-25104

HorizontCMS v1.0.0-beta.2 was discovered to contain an arbitrary file download vulnerability via the component /admin/file-manager/.

7.5CVSS7.6AI score0.00251EPSS