RSS   Vulnerabilities for 'Maracms'   RSS

2020-09-03
 
CVE-2020-25042

CWE-434
 

 
An arbitrary file upload issue exists in Mara CMS 7.5. In order to exploit this, an attacker must have a valid authenticated (admin/manager) session and make a codebase/dir.php?type=filenew request to upload PHP code to codebase/handler.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top