CVE-2022-50898

Name of the Vulnerable Software and Affected Versions NanoCMS version 0.4

Description An authenticated file upload issue allows remote code execution through unvalidated page content creation. Authenticated attackers can upload PHP files containing arbitrary code to the server's pages directory by exploiting the page creation mechanism, which lacks proper input sanitization.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.