Vulnerabilities > Zucchetti > Infobusiness > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-30 | CVE-2019-18206 | Cross-Site Request Forgery (CSRF) vulnerability in Zucchetti Infobusiness 4.4.1 A cross-site request forgery (CSRF) vulnerability in Zucchetti InfoBusiness before and including 4.4.1 allows arbitrary file upload. | 8.8 |
| 2019-10-30 | CVE-2019-18204 | Unrestricted Upload of File with Dangerous Type vulnerability in Zucchetti Infobusiness 4.4.1 Zucchetti InfoBusiness before and including 4.4.1 allows any authenticated user to upload .php files in order to achieve code execution. | 8.8 |