Total vulnerabilities in the database
The update function in umbraco.webservices/templates/templateService.cs in the TemplateService component in Umbraco CMS before 6.0.4 does not require authentication, which allows remote attackers to execute arbitrary ASP.NET code via a crafted SOAP request.
Software | From | Fixed in |
---|---|---|
umbraco / umbraco_cms | - | 6.0.3.x |