CVE-2021-40889

Name of the Vulnerable Software and Affected Versions CMSUno version 1.7.2

Description The issue allows for PHP code execution. It occurs in the sauvePass action within the {webroot}/uno/central.php file, which uses the file put contents() function to write the username in the password.php file when a user successfully changes their password. An attacker can inject malicious PHP code into password.php and then use the login function to execute the code.

Recommendations For CMSUno version 1.7.2, consider disabling the sauvePass action in the {webroot}/uno/central.php file as a temporary workaround until a patch is available. Restrict access to the password.php file to minimize the risk of exploitation. Avoid using the file put contents() function to write user input to files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.