RSS   Vulnerabilities for 'Sentcms'   RSS

2022-03-10
 
CVE-2022-24651

CWE-434
 

 
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload.

 
 
CVE-2022-24652

CWE-434
 

 
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in php code execution in /admin/upload/upload.

 


Copyright 2024, cxsecurity.com

 

Back to Top