Kreatio CMS not affected by recently discovered file upload vulnerabilities
London: 13 March 2020
Kreatio Software today confirmed that their digital publishing platforms, including Kreatio Content Management System, SmartScribr Paywall software, Sindbad Directories, and Kreatio Leadgen platform are not affected by the file upload vulnerability that was recently discovered in many other content management systems.
South Korean Academics, working with a testing tool called FUSE had discovered these vulnerabilities in over 23 web-based applications, Content Management Systems and Forum software. The vulnerabilities relate to how the software handles user uploaded files and how malicious files and scripts can be uploaded to compromise the system.
At Kreatio, we tested all our platforms regularly for all vulnerabilities and have tested for the newly discovered ones. We can confirm that our platforms including Content Management System, Subscription Management Software and other Digital publishing systems do not have these vulnerabilities.
The Kreatio CMS and other Kreatio platforms do not use any of the technologies identified by the South Korean Academics as vulnerable. It uses a completely different architecture and technology stack. “At Kreatio, we extensively test our platforms before releasing them to our clients. After release they are regularly monitored for issues, including security vulnerabilities. We do not use the technologies that the vulnerable platforms use.” said Krishna Kumar, CEO of Kreatio Software.
As a part of the licensing and maintenance contract with our clients, Kreatio Software continuously monitors all its implementations for a range of security issues and vulnerabilities. If and when one is found, it is immediately patched at no additional cost to the publisher.
Kreatio platforms are monitored round the clock, not only vulnerabilities, but also for a number of other performance and health parameters, including load conditions, open ports, disk space and free memory availability, malicious attacks and the like.
About Kreatio CMS: The Kreatio CMS is a modern, modular content management system built to meet the needs of digital publishers and organizations. The Kreatio CMS is a fully API based systems that follows a microservices architecture. The Kreatio CMS is a critical component of the monetization strategy for publishers across the globe. Kreatio CMS already incorporates many monetization features that will take extra time and cost with other comparable systems. The system also provides seamless single sign on with other Kreatio platforms.
About Kreatio Software: Kreatio software (www.kreatio.com) provides digital publishing platforms across the globe. All Kreatio platforms are provisioned as fully supported and maintained cloud based platforms. It follows a unique support model where all uptime monitoring, bug fixes and security patches are free for the life of the contract. Kreatio also regularly delivers new features and updates to existing features without additional charges. Over the lifetime of the contract, Kreatio CMS provides one of the lowest total costs amongst all comparable systems. Our 24 hour help desk and round the clock monitoring systems ensure that our clients do not have to worry about the health of their publishing systems and can focus on their business while we take care of their software systems.
For further information:
Matthew Herterich, Director,