Vulnerabilities > Baigo > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-06 | CVE-2022-26607 | Unrestricted Upload of File with Dangerous Type vulnerability in Baigo CMS 3.0 A remote code execution (RCE) vulnerability in baigo CMS v3.0-alpha-2 was discovered to allow attackers to execute arbitrary code via uploading a crafted PHP file. | 7.2 |
| 2019-03-24 | CVE-2019-10015 | Code Injection vulnerability in Baigo SSO 3.0.1 baigoStudio baigoSSO v3.0.1 allows remote attackers to execute arbitrary PHP code via the first form field of a configuration screen, because this code is written to the BG_SITE_NAME field in the opt_base.inc.php file. | 7.2 |