PT-2023-11534 · Unknown · Cskaza Csz Cms

Publicado

2023-03-23

Atualizado

2023-03-30

CVE-2020-19786

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions CSKaza CSZ CMS versions 1.2.2 through 1.2.3

Description The issue allows an attacker to execute arbitrary commands and code via a crafted PHP file, exploiting a file upload vulnerability.

Recommendations For CSKaza CSZ CMS versions 1.2.2 through 1.2.3, update to version 1.2.4 to resolve the issue.

Exploit

Correção

Unrestricted File Upload

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2020-19786

Cskaza Csz Cms