← Back

Sentcms

sentcms

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Sentcms
sentcms
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-24652
1Sentcms
1Sentcms
Jun 17, 2026
Mar 10, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in php code execution in /admin/upload/upload.
CVE-2022-24651
1Sentcms
1Sentcms
Jun 17, 2026
Mar 10, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload.