RSS   Vulnerabilities for 'Wellcms'   RSS

2021-06-03
 
CVE-2020-21005

CWE-434
 

 
WellCMS 2.0 beta3 is vulnerable to File Upload. A user can log in to the CMS background and upload a picture. Because the upload file type is controllable, the user can modify the upload file type to get webshell.

 


Copyright 2024, cxsecurity.com

 

Back to Top