Vulnerabilities > MK Auth > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-28 | CVE-2023-27246 | Unrestricted Upload of File with Dangerous Type vulnerability in Mk-Auth 19.01 An arbitrary file upload vulnerability in the Virtual Disk of MK-Auth 23.01K4.9 allows attackers to execute arbitrary code via uploading a crafted .htaccess file. | 8.8 |
| 2021-01-04 | CVE-2021-21495 | Cross-Site Request Forgery (CSRF) vulnerability in Mk-Auth 19.01 MK-AUTH through 19.01 K4.9 allows CSRF for password changes via the central/executar_central.php?acao=altsenha_princ URI. | 8.8 |