Vulnerabilities > Beescms > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-08 | CVE-2020-23572 | Unrestricted Upload of File with Dangerous Type vulnerability in Beescms 4.0 BEESCMS v4.0 was discovered to contain an arbitrary file upload vulnerability via the component /admin/upload.php. | 8.8 |
| 2019-02-15 | CVE-2019-8347 | Cross-Site Request Forgery (CSRF) vulnerability in Beescms 4.0 BEESCMS 4.0 has a CSRF vulnerability to add arbitrary VIP accounts via the admin/admin_member.php?action=add&nav=add_web_user&admin_p_nav=user URI. | 8.8 |
| 2018-07-05 | CVE-2018-12739 | Cross-Site Request Forgery (CSRF) vulnerability in Beescms 4.0 In BEESCMS 4.0, CSRF allows administrators to be added arbitrarily, a related issue to CVE-2018-10266. | 8.8 |
| 2018-04-22 | CVE-2018-10266 | Cross-Site Request Forgery (CSRF) vulnerability in Beescms 4.0 BEESCMS 4.0 has a CSRF vulnerability to add an administrator account via the admin/admin_admin.php?nav=list_admin_user&admin_p_nav=user URI. | 8.8 |