Yggcwhat

**Name of the Vulnerable Software and Affected Versions** HuoCMS versions 3.5.1 and earlier **Description** The issue allows attackers to take control of the target server through file upload. **Recommendations** For HuoCMS versions 3.5.1 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** HuoCMS version 3.5.1 **Description** The issue allows an attacker to exploit a flaw and bypass whitelist restrictions, enabling them to craft malicious files with specific suffixes and potentially gain control of the server. **Recommendations** For HuoCMS version 3.5.1, consider restricting file upload capabilities until a patch is available, and ensure that only authorized users have access to file upload functions to minimize the risk of exploitation.