Vulnerabilities > Creatiwity > Witycms > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-02 | CVE-2022-29725 | Unrestricted Upload of File with Dangerous Type vulnerability in Creatiwity Witycms 0.6.2 An arbitrary file upload in the image upload component of wityCMS v0.6.2 allows attackers to execute arbitrary code via a crafted PHP file. | 8.8 |
| 2018-07-13 | CVE-2018-14029 | Cross-Site Request Forgery (CSRF) vulnerability in Creatiwity Witycms 0.6.2 CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allows an attacker to take over a user account, as demonstrated by modifying the account's email field. | 8.8 |