Unknown · Nucleus CMS · CVE-2021-37770
**Name of the Vulnerable Software and Affected Versions**
Nucleus CMS version 3.71
**Description**
The issue allows an attacker to upload a malicious file by changing the upload path to a location that has no .htaccess file. By first uploading an .htaccess file with the content 'AddType application/x-httpd-php .jpg', the attacker can then upload a picture containing a shell, which the server executes as PHP, enabling the attacker to execute commands and potentially take down website resources.
**Recommendations**
For Nucleus CMS version 3.71, consider disabling the file upload feature until a patch is available to prevent exploitation. Restrict access to the upload functionality to minimize the risk of malicious file uploads. Avoid using the upload feature to upload files with potentially executable content, such as images with embedded shells, until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
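
A defensive check for the condition in the description, as an added example that is not part of the advisory or of Nucleus CMS: it walks a web root and flags `.htaccess` files whose `AddType`, `AddHandler`, `SetHandler` or `ForceType` directives hand non-PHP files to the PHP handler. The set of legitimate PHP extensions and the `uploads` directory name in the sample are assumptions.

```python
import os
import re
import tempfile

# Directives that can make Apache pass a file to the PHP interpreter.
DIRECTIVE_RE = re.compile(r"^\s*(AddType|AddHandler|SetHandler|ForceType)\s+(\S.*?)\s*$", re.I)
# Assumption: only these extensions are expected to run as PHP on this site.
PHP_EXTS = {".php", ".phtml"}


def suspicious_directives(text):
    """Return [(line_no, line)] for directives that map non-PHP files to PHP."""
    hits = []
    for no, line in enumerate(text.splitlines(), 1):
        m = DIRECTIVE_RE.match(line)  # lines starting with '#' never match
        if not m or "php" not in m.group(2).split()[0].lower():
            continue
        name, args = m.group(1).lower(), m.group(2).split()
        if name in ("sethandler", "forcetype"):
            hits.append((no, line.strip()))  # applies to every file in scope
            continue
        # AddType/AddHandler: first argument is the type, the rest are extensions.
        exts = {"." + a.lower().lstrip(".") for a in args[1:]}
        if not exts or exts - PHP_EXTS:
            hits.append((no, line.strip()))
    return hits


def scan_tree(root):
    """Walk root and return {path: [(line_no, line), ...]} for flagged files."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower() != ".htaccess":
                continue
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                hits = suspicious_directives(fh.read())
            if hits:
                findings[path] = hits
    return findings


if __name__ == "__main__":
    # Constructed sample tree, built in a temporary directory.
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "uploads"))
        with open(os.path.join(root, "uploads", ".htaccess"), "w") as fh:
            fh.write("Options -Indexes\nAddType application/x-httpd-php .jpg\n")
        print(scan_tree(root))
```

Findings need review before action, since a `SetHandler` line for PHP can be legitimate outside upload directories.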