Vulnerabilities > Kentico > Kentico CMS > 5.5

DATE CVE VULNERABILITY TITLE RISK
2021-03-05 CVE-2021-27581 SQL Injection vulnerability in Kentico CMS 5.5
The Blog module in Kentico CMS 5.5 R2 build 5.5.3996 allows SQL injection via the tagname parameter.
network
low complexity
kentico CWE-89
critical
9.8
2019-04-10 CVE-2018-19453 Unrestricted Upload of File with Dangerous Type vulnerability in Kentico CMS
Kentico CMS before 11.0.45 allows unrestricted upload of a file with a dangerous type.
network
low complexity
kentico CWE-434
8.8