Xerte ≫ Xerte

2 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.

8.8

CVE-2021-44664

Exploit

EPSS 13.47%
Published 24.02.2022 21:15:07
Last modified 21.11.2024 06:31:20

An Authenticated Remote Code Exection (RCE) vulnerability exists in Xerte through 3.9 in website_code/php/import/fileupload.php by uploading a maliciously crafted PHP file though the project interface disguised as a language file to bypasses the uplo...

6.5

CVE-2021-44665

Exploit

EPSS 5.47%
Published 24.02.2022 21:15:07
Last modified 21.11.2024 06:31:20

A Directory Traversal vulnerability exists in the Xerte Project Xerte through 3.10.3 when downloading a project file via download.php.