📦 Payload
by Payloadcms
🔍 What is Payload?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This is a critical SQL injection vulnerability in Payload CMS versions before 3.73.0 that allows unauthenticated attackers to extract sensitive data and achieve full account takeover. The vulnerabilit...
CVE-2022-27952 is a critical arbitrary file upload vulnerability in PayloadCMS v0.15.0 that allows attackers to upload malicious SVG files containing embedded code. This enables remote code execution ...
Payload CMS versions before 3.75.0 contain a Server-Side Request Forgery (SSRF) vulnerability in external file upload functionality. Authenticated users with upload permissions can exploit insufficien...
This CVE describes an Insecure Direct Object Reference (IDOR) vulnerability in Payload CMS where authenticated users from one authentication collection can read and delete preferences belonging to use...