verot/class.upload.php Security Advisories for 2.0.0 (3)
-
[MEDIUM] class.upload.php allows cross-site scripting attacks via uploaded files
PKSA-3n81-fgxd-xfh7 CVE-2023-6551 GHSA-v6f4-jwv9-682w
Affected version: <=2.1.6
Reported by:
GitHub -
[CRITICAL] class.upload.php in verot.net omits .pht from the set of dangerous file extensions
PKSA-txjv-dtcf-9yxc CVE-2019-19634 GHSA-2gc7-w4hw-rr2m
Affected version: >=2.0.0,<=2.0.4|<=1.0.3
Reported by:
GitHub -
[CRITICAL] Remote code execution in verot/class.upload.php
PKSA-fw66-3c2z-mp1p CVE-2019-19576 GHSA-r5gm-4p5w-pq2p
Affected version: >=2.0.0,<2.0.4|<1.0.3
Reported by:
GitHub