Vulnerabilities > Bludit > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-01 | CVE-2023-24674 | Missing Authorization vulnerability in Bludit 4.0.0 Permissions vulnerability found in Bludit CMS v.4.0.0 allows local attackers to escalate privileges via the role:admin parameter. | 7.8 |
| 2023-06-26 | CVE-2020-20210 | Unrestricted Upload of File with Dangerous Type vulnerability in Bludit 3.9.2 Bludit 3.9.2 is vulnerable to Remote Code Execution (RCE) via /admin/ajax/upload-images. | 8.8 |
| 2023-05-16 | CVE-2023-31572 | Unspecified vulnerability in Bludit 4.0.0 An issue in Bludit 4.0.0-rc-2 allows authenticated attackers to change the Administrator password and escalate privileges via a crafted request. | 8.8 |
| 2021-08-20 | CVE-2020-18879 | Unrestricted Upload of File with Dangerous Type vulnerability in Bludit 3.8.1 Unrestricted File Upload in Bludit v3.8.1 allows remote attackers to execute arbitrary code by uploading malicious files via the component 'bl-kereln/ajax/upload-logo.php'. | 7.5 |