Vulnerabilities > Wallaceit > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-31 | CVE-2019-3960 | Unrestricted Upload of File with Dangerous Type vulnerability in Wallaceit Wallacepos 1.4.3 Unrestricted upload of file with dangerous type in WallacePOS 1.4.3 allows a remote, authenticated attacker to execute arbitrary code by uploading a malicious PHP file. | 7.2 |
| 2019-07-31 | CVE-2019-3959 | Cross-Site Request Forgery (CSRF) vulnerability in Wallaceit Wallacepos 1.4.3 Cross-site request forgery in WallacePOS 1.4.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link. | 8.8 |