Vulnerabilities > Tadtools Project > Tadtools > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-08 | CVE-2021-41975 | Missing Authentication for Critical Function vulnerability in Tadtools Project Tadtools TadTools special page is vulnerable to authorization bypass, thus remote attackers can use the specific parameter to delete arbitrary files in the system without logging in. | 9.1 |
| 2021-10-08 | CVE-2021-41566 | Unrestricted Upload of File with Dangerous Type vulnerability in Tadtools Project Tadtools The file extension of the TadTools file upload function fails to filter, thus remote attackers can upload any types of files and execute arbitrary code without logging in. | 9.8 |