Vulnerabilities > Backdropcms > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-07 | CVE-2022-42092 | Unrestricted Upload of File with Dangerous Type vulnerability in Backdropcms Backdrop CMS 1.22.0 Backdrop CMS 1.22.0 has Unrestricted File Upload vulnerability via 'themes' that allows attackers to Remote Code Execution. | 7.2 |
| 2022-02-03 | CVE-2021-45268 | Cross-Site Request Forgery (CSRF) vulnerability in Backdropcms Backdrop 1.20.0 A Cross Site Request Forgery (CSRF) vulnerability exists in Backdrop CMS 1.20, which allows Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webserver via uploading a maliciously add-on with crafted PHP file. | 8.8 |