Vulnerabilities > Sentrifugo

DATE CVE VULNERABILITY TITLE RISK
2019-09-04 CVE-2019-15814 Cross-site Scripting vulnerability in Sentrifugo 3.2
Multiple stored XSS vulnerabilities in Sentrifugo 3.2 could allow authenticated users to inject arbitrary web script or HTML.
network
low complexity
sentrifugo CWE-79
5.4
2019-09-04 CVE-2019-15813 Unrestricted Upload of File with Dangerous Type vulnerability in Sentrifugo 3.2
Multiple file upload restriction bypass vulnerabilities in Sentrifugo 3.2 could allow authenticated users to execute arbitrary code via a webshell.
network
low complexity
sentrifugo CWE-434
8.8