Vulnerabilities > Batflat > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-01 | CVE-2021-41652 | Incorrect Default Permissions vulnerability in Batflat 1.3.6 Insecure permissions in the file database.sdb of BatFlat CMS v1.3.6 allows attackers to dump the entire database. | 7.5 |
| 2021-02-15 | CVE-2020-35734 | Code Injection vulnerability in Batflat 1.3.6 Sruu.pl in Batflat 1.3.6 allows an authenticated user to perform code injection (and consequently Remote Code Execution) via the input fields of the Users tab. | 7.2 |