← Back

Sentcms

sentcms

Vendor: Sentcms • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-24652
1Sentcms
1Sentcms
Jun 17, 2026
Mar 10, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in php code execution in /admin/upload/upload.
CVE-2022-24651
1Sentcms
1Sentcms
Jun 17, 2026
Mar 10, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload.