Kreasfero
1 CVEs
product
Monthly
Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
File Upload
RCE
PHP
Kreasfero
NVD
VulDB
CVSS 3.1
9.8
EPSS
3.1%
EPSS 3%
CVSS 9.8
CRITICAL
POC
Act Now
Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
File Upload
RCE
PHP
+1
NVD
VulDB