3.0.0.5

DATE	CVE	VULNERABILITY TITLE	RISK
2019-05-24	CVE-2016-10756	Cross-Site Request Forgery (CSRF) vulnerability in Kliqqi CMS 3.0.0.5 Kliqqi 3.0.0.5 allows CSRF with resultant Arbitrary File Upload because module.php?module=upload can be used to configure the uploading of .php files, and then modules/upload/upload_main.php can be used for the upload itself. network low complexity kliqqi CWE-352	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.