CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 0CVE-2012-1301
https://notcve.org/view.php?id=CVE-2012-1301
13 Apr 2017 — The FeedProxy.aspx script in Umbraco 4.7.0 allows remote attackers to proxy requests on their behalf via the "url" parameter. El script FeedProxy.aspx en Umbraco 4.7.0 permite a los atacantes remotos a las solicitudes de proxy en su nombre a través del parámetro "url". • http://www.securityfocus.com/archive/1/522218 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2013-4793
https://notcve.org/view.php?id=CVE-2013-4793
27 Dec 2014 — The update function in umbraco.webservices/templates/templateService.cs in the TemplateService component in Umbraco CMS before 6.0.4 does not require authentication, which allows remote attackers to execute arbitrary ASP.NET code via a crafted SOAP request. La función update en umbraco.webservices/templates/templateService.cs en el componente TemplateService en Umbraco CMS anterior a 6.0.4 no requiere autenticación, lo que permite a atacantes remotos ejecutar código ASP.NET arbitrario a través de una petici... • https://labs.mwrinfosecurity.com/advisories/2013/11/29/umbraco-cms-templateservice-remote-code-execution • CWE-287: Improper Authentication •