CVE-2014-10074: Unrestricted Upload of File with Dangerous Type
(updated )
Umbraco has a remote PHP code execution vulnerability because Umbraco.Web.UI/config/umbracoSettings.Release.config does not block the upload of .php files.
References
Detect and mitigate CVE-2014-10074 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →