Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Formidable Project Subscribe
Filtered by product Formidable
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-29622 1 Formidable Project 1 Formidable 2023-02-08 7.5 HIGH 9.8 CRITICAL
An arbitrary file upload vulnerability in formidable v3.1.4 allows attackers to execute arbitrary code via a crafted filename. NOTE: some third parties dispute this issue because the product has common use cases in which uploading arbitrary files is the desired behavior. Also, there are configuration options in all versions that can change the default behavior of how files are handled.