Vulnerabilities > Kentico > Kentico CMS > 11.0.2

DATE CVE VULNERABILITY TITLE RISK
2019-04-10 CVE-2018-19453 Unrestricted Upload of File with Dangerous Type vulnerability in Kentico CMS
Kentico CMS before 11.0.45 allows unrestricted upload of a file with a dangerous type.
network
kentico CWE-434
6.8
6.8
2018-03-19 CVE-2018-6843 SQL Injection vulnerability in Kentico CMS
Kentico 10 before 10.0.50 and 11 before 11.0.3 has SQL injection in the administration interface.
network
low complexity
kentico CWE-89
6.5
6.5
2018-03-19 CVE-2018-6842 Cross-site Scripting vulnerability in Kentico CMS
Kentico 10 before 10.0.50 and 11 before 11.0.3 has XSS in which a crafted URL results in improper construction of a system page.
network
kentico CWE-79
3.5
3.5