Vulnerabilities > Rangerstudio > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-19 | CVE-2019-13980 | Unrestricted Upload of File with Dangerous Type vulnerability in Rangerstudio Directus 7 API In Directus 7 API through 2.3.0, uploading of PHP files is blocked only when the Apache HTTP Server is used, leading to uploads/_/originals remote code execution with nginx. | 6.8 |
| 2019-07-19 | CVE-2019-13979 | Unrestricted Upload of File with Dangerous Type vulnerability in Rangerstudio Directus 7 API In Directus 7 API before 2.2.1, uploading of PHP files is not blocked, leading to uploads/_/originals remote code execution. | 6.8 |