CVE-2014-10074

Published: Aug 27, 2018

Modified: Aug 6, 2024

PUBLISHED

Description

Umbraco before 7.2.0 has a remote PHP code execution vulnerability because Umbraco.Web.UI/config/umbracoSettings.Release.config does not block the upload of .php files.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/Umbraco/Umbraco-CMS/commit/cad06502235acabf7fb7dca779d2f78f08547e39

x_refsource_MISC

http://issues.umbraco.org/issue/U4-5901

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-10074

Description

Affected Products

References