Every CVE whose affected-product data names Kreado Kreasfero, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2021-42675 — CVSS 9.8 (critical): Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can upload a malicious PHP file and obtain…