Vulnerabilities > Footy

DATE CVE VULNERABILITY TITLE RISK
2019-11-18 CVE-2019-17058 Unrestricted Upload of File with Dangerous Type vulnerability in Footy Tipping Software 2019
Footy Tipping Software AFL Web Edition 2019 allows arbitrary file upload and resultant remote code execution because a whitelist can be bypassed by an Administrator who uploads a crafted upload.dat file.
network
low complexity
footy CWE-434
6.5
2019-11-18 CVE-2019-17057 Cross-site Scripting vulnerability in Footy Tipping Software 2019
Footy Tipping Software AFL Web Edition 2019 allows XSS.
network
footy CWE-79
4.3