Vulnerabilities > Sitos > Sitos SIX > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-07 | CVE-2019-15746 | OS Command Injection vulnerability in Sitos SIX 6.2.1 SITOS six Build v6.2.1 allows an attacker to inject arbitrary PHP commands. | 9.8 |
| 2019-10-07 | CVE-2019-15748 | Unrestricted Upload of File with Dangerous Type vulnerability in Sitos SIX 6.2.1 SITOS six Build v6.2.1 permits unauthorised users to upload and import a SCORM 2004 package by browsing directly to affected pages. | 9.8 |
| 2019-10-07 | CVE-2019-15751 | Unrestricted Upload of File with Dangerous Type vulnerability in Sitos SIX 6.2.1 An unrestricted file upload vulnerability in SITOS six Build v6.2.1 allows remote attackers to execute arbitrary code by uploading a SCORM file with an executable extension. | 9.8 |