PT-2025-34810 · Unknown · Badaso Cms
Pat.Sanitjairak · Published 2025-08-26 · Updated 2025-08-26 · CVE-2025-52353
9.8 · Critical
Base vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
Badaso CMS version 2.9.11
Description:
The Media Manager allows authenticated users to upload files containing embedded PHP code via the file-upload endpoint, bypassing content-type validation. When such a file is accessed via its URL, the server executes the PHP payload, enabling an attacker to run arbitrary system commands and achieve full compromise of the underlying host. This was demonstrated by embedding a backdoor within a PDF and renaming it with a .php extension.
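One way to close the gap the description points at, written here as an added example rather than Badaso's own code: ignore the client-supplied Content-Type entirely and accept a file only when its single extension is on an allowlist, its leading bytes match that type, and no PHP open tag appears anywhere in it. The sample files, the signature table and the helper names are constructed for this example.

```python
import re
import secrets
from pathlib import PurePosixPath

# Extensions the media manager should accept, each tied to the magic bytes
# the file must actually start with. Anything not listed is rejected.
ALLOWED_SIGNATURES = {
    "pdf": [b"%PDF-"],
    "png": [b"\x89PNG\r\n\x1a\n"],
    "jpg": [b"\xff\xd8\xff"],
    "jpeg": [b"\xff\xd8\xff"],
    "gif": [b"GIF87a", b"GIF89a"],
}

# Any of these inside the bytes means the file could run as PHP if the web
# server ever hands it to the interpreter, whatever the extension says.
# A bare "<?" is deliberately not matched: PDFs carry "<?xpacket" XMP headers.
PHP_TAG_RE = re.compile(
    rb"<\?php|<\?=|<script\b[^>]*\blanguage\s*=\s*['\"]?php", re.IGNORECASE
)

def validate_upload(filename: str, content: bytes, declared_type: str = ""):
    """Return (accepted, reason). declared_type is accepted but ignored:
    the client-sent Content-Type is attacker-controlled and proves nothing."""
    suffixes = [s.lstrip(".").lower() for s in PurePosixPath(filename).suffixes]
    if not suffixes:
        return False, "no extension"
    # Reject names with more than one dot (e.g. backdoor.php.pdf), so a
    # handler that matches .php anywhere in the name cannot be triggered.
    if len(suffixes) > 1:
        return False, "multiple extensions"
    ext = suffixes[0]
    if ext not in ALLOWED_SIGNATURES:
        return False, f"extension .{ext} not allowed"
    if not any(content.startswith(sig) for sig in ALLOWED_SIGNATURES[ext]):
        return False, f"content does not match .{ext} signature"
    if PHP_TAG_RE.search(content):
        return False, "embedded PHP tag"
    return True, "ok"

def storage_name(filename: str) -> str:
    """Random token plus the verified extension, so the user-chosen name
    never reaches the filesystem or the served URL."""
    return secrets.token_hex(16) + PurePosixPath(filename).suffix.lower()

# Constructed samples: a minimal valid PDF, and the same PDF with an inert PHP
# tag appended, which is the shape of file the advisory describes.
PDF_OK = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog >>\nendobj\n%%EOF\n"
PDF_WITH_PHP = PDF_OK + b"<?php /* constructed marker, does nothing */ ?>\n"
```

The declared MIME type never enters the decision; the renamed file fails on its extension, and the same bytes under a .pdf name fail on the embedded tag.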
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Vulnerability type:
Code Injection
Unrestricted File Upload