CVE-2022-1033 — CVSS 7.8 (high): Unrestricted Upload of File with Dangerous Type in GitHub repository crater-invoice/crater prior to 6.0.6.
CVE-2023-46865 — CVSS 7.2 (high): /api/v1/company/upload-logo in CompanyController.php in crater through 6.0.6 allows a superadmin to execute arbitrary PHP code by placing…
CVE-2022-0242 — CVSS 7.2 (high): Unrestricted Upload of File with Dangerous Type in GitHub repository crater-invoice/crater prior to 6.0.
CVE-2022-1032 — CVSS 7.2 (high): Insecure deserialization of not validated module file in GitHub repository crater-invoice/crater prior to 6.0.6.