Vulnerabilities > Hoosk > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-16 | CVE-2022-43234 | Unrestricted Upload of File with Dangerous Type vulnerability in Hoosk 1.8.0 An arbitrary file upload vulnerability in the /attachments component of Hoosk v1.8 allows attackers to execute arbitrary code via a crafted PHP file. | 9.8 |
| 2020-09-30 | CVE-2020-26042 | SQL Injection vulnerability in Hoosk 1.8.0 An issue was discovered in Hoosk CMS v1.8.0. | 9.8 |
| 2020-09-30 | CVE-2020-26041 | Unspecified vulnerability in Hoosk 1.8.0 An issue was discovered in Hoosk CmS v1.8.0. | 9.8 |
| 2018-09-10 | CVE-2018-16771 | Code Injection vulnerability in Hoosk 1.7.0 Hoosk v1.7.0 allows PHP code execution via a SiteUrl that is provided during installation and mishandled in config.php. | 9.8 |