Vulnerabilities > Layerbb > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-19 | CVE-2019-13973 | Unrestricted Upload of File with Dangerous Type vulnerability in Layerbb 1.1.3 LayerBB 1.1.3 allows admin/general.php arbitrary file upload because the custom_logo filename suffix is not restricted, and .php may be used. | 9.8 |
| 2019-03-07 | CVE-2018-17988 | SQL Injection vulnerability in Layerbb 1.1.1/1.1.3 LayerBB 1.1.1 and 1.1.3 has SQL Injection via the search.php search_query parameter. | 9.8 |