PT-2019-6067 · Aik · Aikcms

Richard1266 · Published 2019-04-29 · Updated 2021-08-17 · CVE-2020-18462

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

AikCms version 2.0.0

Description

The issue is a lack of restrictions on file uploads in the poster edit.php file of the AikCms content management system. A remote attacker can exploit it to impact the confidentiality, integrity, and availability of protected information. The vulnerability exists because the background file management area does not verify uploaded files.

Recommendations

For AikCms version 2.0.0, consider restricting access to the poster edit.php file until a patch is available, and ensure that all file uploads are properly verified to minimize the risk of exploitation.

Exploit

Fix

Unrestricted File Upload

Weakness Enumeration

Related identifiers

BDU:2021-04473
CVE-2020-18462

Affected products

Aikcms