verot/class.upload.php Security Advisories for 1.0.3 (2)
-
[MEDIUM] class.upload.php allows cross-site scripting attacks via uploaded files
PKSA-3n81-fgxd-xfh7 CVE-2023-6551 GHSA-v6f4-jwv9-682w
Affected version: <=2.1.6
Reported by:
GitHub -
[CRITICAL] class.upload.php in verot.net omits .pht from the set of dangerous file extensions
PKSA-txjv-dtcf-9yxc CVE-2019-19634 GHSA-2gc7-w4hw-rr2m
Affected version: >=2.0.0,<=2.0.4|<=1.0.3
Reported by:
GitHub