Vulnerabilities > Blackcat CMS > Blackcat CMS > 1.2.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-15 | CVE-2020-25453 | Cross-Site Request Forgery (CSRF) vulnerability in Blackcat-Cms Blackcat CMS An issue was discovered in BlackCat CMS before 1.4. | 6.8 |
| 2017-09-12 | CVE-2017-14399 | Unrestricted Upload of File with Dangerous Type vulnerability in Blackcat-Cms Blackcat CMS 1.2.2 In BlackCat CMS 1.2.2, unrestricted file upload is possible in backend\media\ajax_rename.php via the extension parameter, as demonstrated by changing the extension from .jpg to .php. | 6.5 |