Identifier
|
Related Record |
Severity
|
Date Published
|
Description | Versions Affected |
---|---|---|---|---|---|
CVE-2019-14315 | BDSA-2019-5025 | Medium | Jul 28, 2019 | A cross-site scripting (XSS) vulnerability in upload.php in SunHater KCFinder 3.20-test1, 3.20-test2, 3.12, and earlier allows remote attackers to inje more... |
3.12, 3.11, 3.10, 3.0, 2.54, 2.53, 2.52
|
CVE-2018-25002 | High | Jan 01, 2021 | uploader.php in the KCFinder integration project through 2018-06-01 for Drupal mishandles validation, aka SA-CONTRIB-2018-024. NOTE: This project is no more... |
3.12, 3.11, 3.10, 3.0, 2.54, 2.53, 2.52
|