Phpuploader Project Phpuploader — known CVE vulnerabilities
Every CVE whose affected-product data names Phpuploader Project Phpuploader, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-23986 — CVSS 7.5 (high): SQL injection vulnerability in the phpUploader v1.2 and earlier allows a remote unauthenticated attacker to obtain the information in the…
CVE-2022-24435 — CVSS 6.1 (medium): Cross-site scripting vulnerability in phpUploader v1.2 and earlier allows a remote unauthenticated attacker to inject an arbitrary script…