Lucene search
UmbracoUmbraco Cms
3 matches found
CVE-2023-37267
Umbraco is a ASP.NET CMS. Under rare conditions a restart of Umbraco can allow unauthorized users access to admin-level permissions. This vulnerability was patched in versions 10.6.1, 11.4.2 and 12.0.1.
9.8CVSS8.4AI score0.00313EPSS
CVE-2012-1301
The FeedProxy.aspx script in Umbraco 4.7.0 allows remote attackers to proxy requests on their behalf via the "url" parameter.
9.8CVSS9.2AI score0.03164EPSS
CVE-2014-10074
Umbraco before 7.2.0 has a remote PHP code execution vulnerability because Umbraco.Web.UI/config/umbracoSettings.Release.config does not block the upload of .php files.
9.8CVSS9.7AI score0.014EPSS