CVE-2023-26852

Published
View on NVD ↗
CVSS v3
7.2
HIGH
CVSS v2
N/A
Affected
2
PROJECTS

Description

An arbitrary file upload vulnerability in the upload plugin of Textpattern v4.8.8 and below allows attackers to execute arbitrary code by uploading a crafted PHP file.

textpattern/textpattern
textpattern/textpattern
A flexible, elegant, fast and easy-to-use content management system written in PHP.
GitHubGitHub
871
leekenghwa/CVE-2023-26852-Textpattern-v4.8.8-and-
leekenghwa/CVE-2023-26852-Textpattern-v4.8.8-and-
Textpattern v4.8.8 and Below are vulnerable to Unrestricted File Upload Leading to Remote Code Execution
GitHubGitHub