CVE-2023-50104

Name of the Vulnerable Software and Affected Versions ZZCMS 2023

Description The issue is related to a file upload vulnerability in the 3/E bak5.1/upload/index.php file, which allows attackers to exploit this loophole and gain server privileges, enabling them to execute arbitrary code. The vulnerability is located in the "3/E bak5.1/upload/index.php" file.

Recommendations For ZZCMS 2023, consider disabling the file upload functionality in the 3/E bak5.1/upload/index.php file as a temporary workaround until a patch is available. Restrict access to this file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.