PT-2021-11852 · Unknown · Bloofoxcms

U0Pattern

Published

2021-06-16

Updated

2021-06-17

CVE-2020-35760

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: bloofoxCMS version 0.5.2.1

Description: The issue allows attackers to upload malicious files, such as php files, due to an Unrestricted File Upload.

Recommendations: For bloofoxCMS version 0.5.2.1, consider restricting file uploads to only necessary and validated file types to minimize the risk of exploitation.

Exploit

Fix

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2020-35760

Affected Products

Bloofoxcms

PT-2021-11852 · Unknown · Bloofoxcms

CVE-2020-35760

Weakness Enumeration

Related Identifiers

Affected Products

References · 3