ReportizFlow
Filtered by vendor Dext5
Subscriptions
Filtered by product Dext5
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-7832 | 2 Dext5, Microsoft | 2 Dext5, Windows | 2024-11-21 | 8.8 High |
| A vulnerability (improper input validation) in the DEXT5 Upload solution allows an unauthenticated attacker to download and execute an arbitrary file via AddUploadFile, SetSelectItem, DoOpenFile function.(CVE-2020-7832) | ||||
| CVE-2020-13894 | 1 Dext5 | 1 Dext5 | 2024-11-21 | 7.5 High |
| handler/upload_handler.jsp in DEXT5 Editor through 3.5.1402961 allows an attacker to download arbitrary files via the savefilepath field. | ||||
| CVE-2020-13442 | 1 Dext5 | 1 Dext5 | 2024-11-21 | 9.8 Critical |
| A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 through 2.7.1402870. An attacker can upload a PHP file via dext5handler.jsp handler because the uploaded file is stored under dext5uploadeddata/. | ||||
Page 1 of 1.