Security Vulnerabilities, CVEs, Published In December 2019 (File inclusion) CVSS score >= 8
Contao 4.0 through 4.8.5 allows PHP local file inclusion. A back end user with access to the form generator can upload arbitrary files and execute them on the server.
Max CVSS
8.8
EPSS Score
0.10%
Published
2019-12-17
Updated
2019-12-18
Intesync Solismed 3.3sp1 allows Local File Inclusion (LFI), a different vulnerability than CVE-2019-15931. This leads to unauthenticated code execution.
Max CVSS
9.8
EPSS Score
0.33%
Published
2019-12-12
Updated
2021-07-21
2 vulnerabilities found