Vulnerabilities > Sitos > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-07 | CVE-2019-15751 | Unrestricted Upload of File with Dangerous Type vulnerability in Sitos SIX 6.2.1 An unrestricted file upload vulnerability in SITOS six Build v6.2.1 allows remote attackers to execute arbitrary code by uploading a SCORM file with an executable extension. | 9.8 |
| 2019-10-07 | CVE-2019-15748 | Unrestricted Upload of File with Dangerous Type vulnerability in Sitos SIX 6.2.1 SITOS six Build v6.2.1 permits unauthorised users to upload and import a SCORM 2004 package by browsing directly to affected pages. | 9.8 |
| 2019-10-07 | CVE-2019-15746 | OS Command Injection vulnerability in Sitos SIX 6.2.1 SITOS six Build v6.2.1 allows an attacker to inject arbitrary PHP commands. | 9.8 |