Vulnerabilities (CVE)

Filtered by vendor Shift-tech Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-42458 1 Shift-tech 1 Bingo\!cms 2024-11-21 N/A 9.8 CRITICAL
Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4.1 and earlier allows a remote unauthenticated attacker to upload an arbitrary file. As a result, an arbitrary script may be executed and/or a file may be altered.