CVE-2024-29368

Name of the Vulnerable Software and Affected Versions moziloCMS version 2.0

Description The issue allows attackers to bypass file upload restrictions, potentially leading to unauthorized file execution or storage of malicious content. This is achieved by renaming files, which can result in the execution of arbitrary code when a crafted POST request is sent.

Recommendations For moziloCMS version 2.0, consider disabling the file handling module until a patch is available to prevent exploitation. Restrict access to the file upload functionality to minimize the risk of malicious file uploads. Avoid using the file renaming feature in the file handling module until the issue is resolved.