Vulnerabilities > Planetestream > Planet Estream > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-25 | CVE-2022-45896 | Unrestricted Upload of File with Dangerous Type vulnerability in Planetestream Planet Estream Planet eStream before 6.72.10.07 allows unauthenticated upload of arbitrary files: Choose a Video / Related Media or Upload Document. | 9.8 |
| 2022-12-25 | CVE-2022-45891 | Incorrect Authorization vulnerability in Planetestream Planet Estream Planet eStream before 6.72.10.07 allows attackers to call restricted functions, and perform unauthenticated uploads (Upload2.ashx) or access content uploaded by other users (View.aspx after Ajax.asmx/SaveGrantAccessList). | 9.1 |