Vulnerabilities > Flatcore > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-23 | CVE-2021-39608 | Unrestricted Upload of File with Dangerous Type vulnerability in Flatcore Flatcore-Cms 2.0.7 Remote Code Execution (RCE) vulnerabilty exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user exeuct arbitrary php code. | 9.0 |
| 2020-08-09 | CVE-2020-17452 | Unrestricted Upload of File with Dangerous Type vulnerability in Flatcore flatCore before 1.5.7 allows upload and execution of a .php file by an admin. | 9.0 |