Neverlandre

**Name of the Vulnerable Software and Affected Versions** 299Ko CMS version 2.0.0 **Description** A critical vulnerability exists in the File Management component of 299Ko CMS 2.0.0. The issue involves unrestricted file upload through manipulation of the `/admin/filemanager/view` file. The attack can be initiated remotely, and the exploit has been publicly disclosed. The vendor was informed of this disclosure but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.